If you want Application A to obtain a ProxyGrantingTicket and proxy tickets you'll need to configure Spring Security for proxying (i.e. configure the correct ticket validator, etc.). In Spring Security you'll also need to access the underlying Assertion object (it should be linked from the CasAuthentication object in Spring Security) and then the Principal attached to the Assertion. I.e. assertion.getPrincipal(). You can then call assertion.getPrincipal().getProxyTicketFor(proxiedApplicationServiceUrl).
-Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Fri, Sep 26, 2008 at 1:28 AM, Leena Borle <[EMAIL PROTECTED]> wrote: > Hello, > I have 2 webapplications, say webappA and webappB. WebappA has Cas-Java > client 3.1.3 with spring security-2.0.3 setup. WebappB has Cas-java client > 3.1.3 configured in web.xml setup. Cas server is Cas3.3. All these > applications work fine when I call them from the browser. > But actually what I want to do is, in webappA, I have HttpClient, that > needs to access some data from webappB. This is where I am stuck. I added > proxy-support in web.xml of webappB according to the instruction. How do I > obtain proxy-ticket to pass it to url( > http://localhost:8080/webappB/...?ticket=...) of webappB? I do have > access to spring's CasAuthentication Object whose credentials contain > service ticket for webappA. How do I generate proxy-ticket from it? If I > pass this same ticket to the url, I get "Invalid Ticket" message from the > Cas server. > Is there any proxy example available for Cas-client 3.1. > > web.xml for WebAppB is as follows. > > <filter> > <filter-name>CAS Validation Filter</filter-name> > > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://localhost:8443/cas</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://localhost:8080</param-value> > </init-param> > <init-param> > <param-name>acceptAnyProxy</param-name> > <param-value>true</param-value> > </init-param> > <init-param> > <param-name>proxyReceptorUrl</param-name> > <param-value>/proxy/receptor</param-value> > </init-param> > <init-param> > <param-name>proxyCallbackUrl</param-name> > <param-value>https://localhost:8443/WebAppB/proxy/receptor > </param-value> > </init-param> > <init-param> > <param-name>redirectAfterValidation</param-name> > <param-value>true</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS Authentication Filter</filter-name> > > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://localhost:8443/cas/login > </param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://localhost:8080</param-value> > </init-param> > <init-param> > <param-name>gatewat</param-name> > <param-value>true</param-value> > </init-param> > > </filter> > > Thanks, > Leena > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
