So we have CAS running wonderfully for user applications. We are running CAS 4.01, using LDAP authentication and have attributes being returned for authorization when needed. We want to require authentication on a couple web services, and would like to do it through our existing CAS server. There needs to be no human interaction necessary between the web application and the web service requests. I think I could do this either by using proxy authentication or the CAS REST API.
So I thought I would see if anyone wants to weigh in on the best way to implement web service authentication without human interaction. If there are any other ways to implement this, I would love to evaluate all my options. Does anyone have a preference one way or the other? Are there any security concerns (besides the obvious) I need to be careful of? Thanks for the advice, Nancy Snoke -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
