Scott,
Thank you very much. I was searching on the docs to figure out what to
do but was not sure exactly how to do it.
Ryan
Ryan,
You can't use an existing service ticket more than once. If you're
accessing that web service on behalf of the user, I recommend that you
use CAS's proxying features. When you go to validate the initial
service ticket, supply a pgtCallbackUrl with the validation request
(the CAS client should have details on how to configure this). Your
application will receive a ProxyGrantingTicket which it can then use
to retrieve one-time ProxyTicket's that it can pass along to the web
service.
-Scott
On 1/18/07, *Ryan J. Peterson* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
I am working on creating a secure user system. I have CAS
connected to ldap and have it tied to authorize users when they
access any of our sites. However, now I would like to secure a
web-service by doing something like calling the WSDL with the
ticket ( http://webservice/api/?ticket=ST-TICKET#-20) that the
user has received on login.
I want the web service to check if the ticket is valid before
proceeding to ensure the web service is secure. How do I call CAS
to do this, or do I do it some other way?
--
*Ryan J. Peterson*
Chief Technology Officer
OurGV, INC.
_______________________________________________
Yale CAS mailing list
[email protected] <mailto:[email protected]>
http://tp.its.yale.edu/mailman/listinfo/cas
------------------------------------------------------------------------
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
