Restful CAS client and Proxy Granting Tickets

4
votes

I have an application that uses a CAS server to authenticate. I first use a REST call to generate a ticket generating ticket which is then validated successfully and a service ticket is generated.

My next step is to pass this ticket to another webapp as a parameter in a web service call and let them login to the same CAS server with it. Apparently this kind of behaviour is possible if I use proxy granting tickets instead of ticket granting tickets but I can't see any way to get a PGT through the REST client.

Can anyone help with getting PGTs, or am I on a wild goose chase?

2
authenticationspring-securitycas

2 Answers

4
votes

Try looking at https://wiki.jasig.org/display/CAS/Proxy+CAS+Walkthrough

I went through the example, mimicking the various calls in code and it worked fine. The tricky bit was then writing the code to represent that code. In my case, it had to fit in with Spring Security

0
votes

Spring Security comes with libraries for authenticating to a stateless service using CAS. This includes requesting a ProxyGrantingTicket and then requesting a ProxyTicket.

The Spring Security 3.1.6 docs describe this in section 22.3.3