Hi, The protection of the application is done by the /roles /filter. It redirects you to the CAS server if you are not authenticated. The /casFilter /is the url on which to receive the service ticket. When receiving a service ticket, a /CasToken /will be created used by the /casRealm /to perform the authentication.
If you want to disabled the redirection to the CAS server, you have to change the /loginUrl /of the /roles /filter or use another filter. Just calling the /casFilter/ through the /shiro-cas?ticket=/the_service_ticket/ url will perform the CAS authentication. So you can call directly this url after authenticating through the CAS REST API. Best regards, Jérôme -- View this message in context: http://shiro-user.582556.n2.nabble.com/shiro-cas-tp7578535p7578536.html Sent from the Shiro User mailing list archive at Nabble.com.
