Announcement Announcement Module
No announcement yet.
Using CAS in remote application Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Using CAS in remote application


    I'm writing a remote application work with CAS. But I don't know how to get the CAS ticket after the first login by providing user name and password. Could anyone post the sample codes for me?

    By the way, how to use the ticket for future client-server communication? I have read the Acegi Security System for Spring Reference Documentation and trying the packed client application. For this case, how to change this client application to get the ticket and how to use the ticket for further service request?


  • #2
    Is your question how to obtain a CAS service ticket which can then be used as a password for future web services requests (in conjunction with CasProcessingFilter.CAS_STATEFUL_IDENTIFIER)?

    Acegi Security provides no code which does this, as basically you'll need your client application to POST to the CAS Server and parse the response. In the response you'll receive the service ticket. Scott Battaglia has done this - he might be able to send you his code. I have an old version laying around somewhere, but Scott would of course have the latest version.


    • #3
      I should mention if someone wanted to donate a utility class with a method like this:

      public String getServiceTicket(String casServerHttpsUrl, String webServiceHttpsUrl, String username, String password);

      I think it would be a good addition to Acegi Security. Scott, if you send me your latest code I could easily write it.


      • #4

        What do you want? The specific implementations of the CredentialsSource interface? We have created a few based on different versions of CAS (i.e. a CAS web service vs. parsing the CAS login screen vs. a special CAS servlet to post to).


        • #5
          Probably AcegiCasHtmlResponseCredentialsSource, but in a utility class with a static method so it can be used simply from a web services client application.


          • #6
            I don't have the most recent source at home so I'll try and grab it at work on Monday.

            I'm not sure however that the class can be a static method. Its heavily dependent on the actual parsing of the HTML page which can change depending on how you've implemented your CAS login page.