You want to modify the cas client config in spring security to signal the cas server that the request is coming from a rest resource. Then, modify the cas server to interpret that signal and send the response if no SSO session exists.
From: Venkatesh Babu KR [mailto:[email protected]] Sent: Tuesday, May 12, 2015 2:17 AM To: [email protected] Subject: [cas-user] Configure CAS to redirect with error if ticket not found Hi, We have a REST service and using spring security on top of it to secure the service. However, for authentication dependent on CAS. So, the users are getting redirected to CAS in order to get service ticket before accessing our REST service. However, we are facing usability issue here. If users are not having TGT or service ticket (i.e. not authenticated beforehand), the CAS login page gets shown where users have to login in order to complete the service request. This is affecting few of our client side apps, as we are trying to access REST services through AJAX requests. Here we want to return a 404 response if users are not yet authenticated, instead of redirecting them to login page. Can this be done? If yes, then, could you please share any details around how to configure our Spring security client or CAS server for this? Found a google group discussion around this topic here: https://groups.google.com/forum/#!topic/jasig-cas-user/gqO50zWiQPM, but this too doesn't explain things fully. Appreciate your help in this regard. Regards, Venkatesh -- You are currently subscribed to [email protected] <mailto:[email protected]> as: [email protected] <mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
