RE: SOAP Webservices and CAS

Thu, 30 Aug 2007 07:59:02 -0700 

On the client we've got a portlet accessing the web service so I've good
example client side code - but it also shows how you'd do it on the
server...

OK - I'm using a CCASProxyPortletAdaptor as suggested in the wiki -
which sets up a service (other than the web service) that my portlet is
expecting. 

The portlet then contains (this is only being used as a proof of concept
for us at the moment - so excuse the quality of the code):

String service = "http://www.bathrugby.co.uk";;
                String validationService =
"http://paulh.uwe.ac.uk/uPortal/casClientPortlet";;
                String validateURL = "https://paulh.uwe.ac.uk/cas/";;
                String proxyURL =
"https://paulh.uwe.ac.uk/casClientPortlet/CasProxyServlet";;
...

Map userInfo = (Map) request.getAttribute(PortletRequest.USER_INFO);
                String pgtIou = (String) session.getAttribute("pgtIou");
                if (pgtIou == null) {
                        String ticket = (String)
userInfo.get("casProxyTicket");
                        ServiceTicketValidator serviceValidator = new
ServiceTicketValidator();
                        serviceValidator.setService(validationService);
                        serviceValidator.setServiceTicket(ticket);
                        serviceValidator.setProxyCallbackUrl(proxyURL);
                        serviceValidator.setCasValidateUrl(validateURL +
"proxyValidate");
                        try {
                                serviceValidator.validate();
                        } catch (SAXException e) {
                                System.out.println("Failed to parse CAS
response: " + e);
                        } catch (ParserConfigurationException e) {
                                System.out.println("Failed to create
response parser: " + e);
                        }
                        
                        pgtIou = serviceValidator.getPgtIou();
                        System.out.println("pgtIou: " + pgtIou);
                        session.setAttribute("pgtIou", pgtIou);
                }
                String proxyTicket =
ProxyTicketReceptor.getProxyTicket(pgtIou, service);

If you passed your Java web service a ticket then you could use the
code:

ServiceTicketValidator serviceValidator = new ServiceTicketValidator();
                        serviceValidator.setService(validationService);
                        serviceValidator.setServiceTicket(ticket);
                        serviceValidator.setProxyCallbackUrl(proxyURL);
                        serviceValidator.setCasValidateUrl(validateURL +
"proxyValidate");
                        try {
                                serviceValidator.validate();
                        } catch (SAXException e) {
                                System.out.println("Failed to parse CAS
response: " + e);
                        } catch (ParserConfigurationException e) {
                                System.out.println("Failed to create
response parser: " + e);
                        }

And then:

serviceValidator.getUser();

To authenticate using the ticket...

Does that all make sense?  If not then shout back and I'll try and make
it clear...

Cheers

Paul Hunnisett
UWE

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Marat Radchenko
Sent: 30 August 2007 13:53
To: Yale CAS mailing list
Subject: Re: SOAP Webservices and CAS

Yes, I'm using Java. Example code would be great.


2007/8/30, Paul Hunnisett <[EMAIL PROTECTED]>:
> If you're using Java then the normal casclient.jar will work for you.
> We've got a scenario where Java portlets interact with CAS to get a 
> proxy ticket to send to (in our case) a .Net web service (although it 
> doesn't matter the language or platform) and it all works perfectly 
> well.  If that's what you're looknig to do then let me know and I'll 
> send you some example code.
>
> Cheers
>
> Paul Hunnisett
> UWE
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of Marat Radchenko
> Sent: 30 August 2007 12:52
> To: [email protected]
> Subject: SOAP Webservices and CAS
>
> Hi!
>
> I'm writing webservices client/server application and need to 
> authenticate webservice clients via CAS. Are there any hints on 
> casifying of webservices, preferrably WS-AT based?
>
> Thanks in advance,
> Marat Radchenko
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> This incoming email to UWE has been independently scanned for viruses 
> by McAfee anti-virus software and none were detected
>
>
> This email was independently scanned for viruses by McAfee anti-virus 
> software and none were found 
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas


This incoming email to UWE has been independently scanned for viruses by
McAfee anti-virus software and none were detected


This email was independently scanned for viruses by McAfee anti-virus software 
and none were found
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to