Jasig › Jasig CAS › CAS Developers

CAS+Acegi Client: Validating the Service Ticket generated using Restful API

3 messages Options
Embed this post
Permalink
Ram Mohan

CAS+Acegi Client: Validating the Service Ticket generated using Restful API

Reply Threaded More More options
Print post
Permalink
Hi,

I am using CAS and Acegi Client for the Authentication.
I need to make remote calls(which doesn't involve Browser) to the secure pages. I used the RESTful API solution provided by CAS to get the Service Ticket.

And now, I tried to access the service with this ST(i.e, http://service?ticket=ST) as specified in the RESTful documentation page.
But, as Acegi Filters are configured on these pages, the requests are being redirected to CAS login. How do i say the Acegi filters that these requests are from stateless clients and you just forward these requests to CAS validator.

I found this text from Acegi Documentation( http://www.acegisecurity.org/guide/springsecurity.html#cas-advanced ). I couldn't get the exact implementation details from it.
"Stateless clients are likely to be via remoting protocols such as Hessian and Burlap. The BasicProcessingFilter is still used in this case, but the remoting protocol client is expected to present a username equal to the static string above, and a password equal to a CAS service ticket. Clients should acquire a CAS service ticket directly from the CAS server."

I am confused on how to send the username and password as the documentation specified.

Thanks for your insights,

-Ram


-- 
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
Scott Battaglia-2

Re: CAS+Acegi Client: Validating the Service Ticket generated using Restful API

Reply Threaded More More options
Print post
Permalink
Its intended that you pass those via BASIC Auth.  Also, please ask questions like this on the user list, not the dev list.

Thanks
-Scott


On Thu, Jun 25, 2009 at 7:25 AM, Ram Mohan <[hidden email]> wrote:
Hi,

I am using CAS and Acegi Client for the Authentication.
I need to make remote calls(which doesn't involve Browser) to the secure pages. I used the RESTful API solution provided by CAS to get the Service Ticket.

And now, I tried to access the service with this ST(i.e, http://service?ticket=ST) as specified in the RESTful documentation page.
But, as Acegi Filters are configured on these pages, the requests are being redirected to CAS login. How do i say the Acegi filters that these requests are from stateless clients and you just forward these requests to CAS validator.

I found this text from Acegi Documentation( http://www.acegisecurity.org/guide/springsecurity.html#cas-advanced ). I couldn't get the exact implementation details from it.
"Stateless clients are likely to be via remoting protocols such as Hessian and Burlap. The BasicProcessingFilter is still used in this case, but the remoting protocol client is expected to present a username equal to the static string above, and a password equal to a CAS service ticket. Clients should acquire a CAS service ticket directly from the CAS server."

I am confused on how to send the username and password as the documentation specified.

Thanks for your insights,

-Ram


-- 
You are currently subscribed to [hidden email] as: [hidden email]


To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev

-- 
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
Ram Mohan

Re: CAS+Acegi Client: Validating the Service Ticket generated using Restful API

Reply Threaded More More options
Print post
Permalink
sure Scott. i mistook this to be the discussion forum for these issues.

Thanks,
-Ram


On Fri, Jun 26, 2009 at 7:38 AM, Scott Battaglia <[hidden email]> wrote:
Its intended that you pass those via BASIC Auth.  Also, please ask questions like this on the user list, not the dev list.

Thanks
-Scott


On Thu, Jun 25, 2009 at 7:25 AM, Ram Mohan <[hidden email]> wrote:
Hi,

I am using CAS and Acegi Client for the Authentication.
I need to make remote calls(which doesn't involve Browser) to the secure pages. I used the RESTful API solution provided by CAS to get the Service Ticket.

And now, I tried to access the service with this ST(i.e, http://service?ticket=ST) as specified in the RESTful documentation page.
But, as Acegi Filters are configured on these pages, the requests are being redirected to CAS login. How do i say the Acegi filters that these requests are from stateless clients and you just forward these requests to CAS validator.

I found this text from Acegi Documentation( http://www.acegisecurity.org/guide/springsecurity.html#cas-advanced ). I couldn't get the exact implementation details from it.
"Stateless clients are likely to be via remoting protocols such as Hessian and Burlap. The BasicProcessingFilter is still used in this case, but the remoting protocol client is expected to present a username equal to the static string above, and a password equal to a CAS service ticket. Clients should acquire a CAS service ticket directly from the CAS server."

I am confused on how to send the username and password as the documentation specified.

Thanks for your insights,

-Ram


-- 
You are currently subscribed to [hidden email] as: [hidden email]



To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev

-- 
You are currently subscribed to [hidden email] as: [hidden email]

To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev

-- 
You are currently subscribed to [hidden email] as: [hidden email]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
Free Embeddable Forum Powered by Nabble Help