o.k. thanks Misagh for your suggestion and hint. I was able to modify the CAS login webflow to accept a request parameter like - skiplogin and based on that parameter, perform appropriate action. On the spring security side, I was able to modify the stuff to send that parameter as well. Looks like this is the best we can do. Not sure if there is a better way.
Regards, Venkatesh On Tue, May 12, 2015 at 3:29 PM, Misagh Moayyed <[email protected]> wrote: > You want to modify the cas client config in spring security to signal the > cas server that the request is coming from a rest resource. Then, modify > the cas server to interpret that signal and send the response if no SSO > session exists. > > > > *From:* Venkatesh Babu KR [mailto:[email protected]] > *Sent:* Tuesday, May 12, 2015 2:17 AM > *To:* [email protected] > *Subject:* [cas-user] Configure CAS to redirect with error if ticket not > found > > > > Hi, > > We have a REST service and using spring security on top of it to secure > the service. However, for authentication dependent on CAS. So, the users > are getting redirected to CAS in order to get service ticket before > accessing our REST service. > > However, we are facing usability issue here. If users are not having TGT > or service ticket (i.e. not authenticated beforehand), the CAS login page > gets shown where users have to login in order to complete the service > request. This is affecting few of our client side apps, as we are trying to > access REST services through AJAX requests. Here we want to return a 404 > response if users are not yet authenticated, instead of redirecting them to > login page. Can this be done? If yes, then, could you please share any > details around how to configure our Spring security client or CAS server > for this? > > Found a google group discussion around this topic here: > https://groups.google.com/forum/#!topic/jasig-cas-user/gqO50zWiQPM, but > this too doesn't explain things fully. Appreciate your help in this regard. > > Regards, > > Venkatesh > > > > -- > > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
