I'm trying to get more info on how I would use CAS SOAP APIs to programmatically access authentication information...
What I'm trying to accomplish is a web service handler that will programmatically check whether the current session is valid and if not issue an exception SOAP or any other way that will notify the client of the issue and allow them to handle the redirect to the CAS url. The problem that I have is that though I can have the client store the ticket on the client side and/or keep it within the stateful serverside session, the ticket is only valid for one validation, though what's a good pattern of handling such situations. Should I issue a new ticket to the client on each response and though each subsequent response would send it the ticket. The problem with this approach is the fact that service invocations can be done in a clustered environment and also asynchronously and this drives the complexity up. I've read the lifecycle of validating sessions and have a good understanding of how this would work, but can someone give me some insight of accomplishing the task above. How can each web service request on the server side validate the client? I'm having issues finding programmatic implementation documentation on the site and though some exists, it's not really detailed, as I'm sure most just use cas with it's current servlet filter. The basic idea is that I need to write my own plugin/filter implementation and need some advice. Thanks. Ilya Sterin _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
