Ryan, You can't use an existing service ticket more than once. If you're accessing that web service on behalf of the user, I recommend that you use CAS's proxying features. When you go to validate the initial service ticket, supply a pgtCallbackUrl with the validation request (the CAS client should have details on how to configure this). Your application will receive a ProxyGrantingTicket which it can then use to retrieve one-time ProxyTicket's that it can pass along to the web service.
-Scott On 1/18/07, Ryan J. Peterson <[EMAIL PROTECTED]> wrote:
I am working on creating a secure user system. I have CAS connected to ldap and have it tied to authorize users when they access any of our sites. However, now I would like to secure a web-service by doing something like calling the WSDL with the ticket ( http://webservice/api/?ticket=ST-TICKET#-20) that the user has received on login. I want the web service to check if the ticket is valid before proceeding to ensure the web service is secure. How do I call CAS to do this, or do I do it some other way? -- *Ryan J. Peterson* Chief Technology Officer OurGV, INC. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
