Authenticating web service calls via CAS

tedzo tedzo2003 at yahoo.com
Fri Oct 12 13:55:31 EDT 2007 

Robert,
Thanks for your response. 
I looked at the code you referred to. Co-incidently, we do pretty much exactly what the code you shared does. Unfortunately, thats kind of not what I was looking for. Perhaps I should explain better-
1. I have a webapp that is currently secured using CAS SSO.
2. There are certain services that are currently part of the webapp that are used within the webapp.
3. The goal is to expose those services as web services so that they may be used by external entities.
4. We use XFire to expose the service as a web service.
5. I also want to somehow use CAS to authenticate the web service call AND also get CAS to respect the SSO session between multiple web service calls (basically, I want to pass user name/password to a web service call the first time and be able to do multiple web service calls after that without the username/password)....

I hope that makes sense.

I hope someone (Scott Battaglia? :) could give me some pointers...

Thanks for your time.


----- Original Message ----
From: Robert Lewis <r.lewis at tamu.edu>
To: cas at tp.its.yale.edu
Sent: Thursday, October 11, 2007 10:53:31 AM
Subject: Re: Authenticating web service calls via CAS

Hi,

Does the example at http://www.tamu.edu/CAS/libraries/net/
apply in your case?

Thanks.

cas-request at tp.its.yale.edu wrote:
> Send cas mailing list submissions to
>     cas at tp.its.yale.edu
> 
> To subscribe or unsubscribe via the World Wide Web, visit
>     http://tp.its.yale.edu/mailman/listinfo/cas
> or, via email, send a message with subject or body 'help' to
>     cas-request at tp.its.yale.edu
> 
> You can reach the person managing the list at
>     cas-owner at tp.its.yale.edu
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of cas digest..."
> 
> 
> Today's Topics:
> 
>    1. Re: CAS Logout with "service" Parameter is not Redirecting to
>      Client    Application (Scott Battaglia)
>    2. JA-SIG Unconference & CAS (Scott Battaglia)
>    3. Anyone have ideas?--Re: Authenticating web service calls via
>      CAS.. (tedzo)
>    4. Re: CAS with JSP (gopu_36)
>    5. Re: CAS with JSP (gopu_36)
>    6. Re: CAS with JSP (gopu_36)
>    7. Re: CAS Logout with "service" Parameter is not Redirecting to
>      Client    Application (Julien Marchal)
>    8. Re: CAS Logout with "service" Parameter is not Redirecting to
>      Client    Application (Julien Marchal)
>    9. CAS in multi-domain DNS (Yannick Quenec'hdu)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Wed, 10 Oct 2007 13:36:54 -0400
> From: "Scott Battaglia" <scott.battaglia at gmail.com>
> Subject: Re: CAS Logout with "service" Parameter is not Redirecting to
>     Client    Application
> To: "Yale CAS mailing list" <cas at tp.its.yale.edu>
> Message-ID:
>     <1bbd36a10710101036r456241dbx1bbbf767c4afa760 at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Cliff,
> 
> You need to set the followServiceRedirects property to true on the
> LogoutController in your XML configuration file.
> 
> -Scott
> 
> On 10/10/07, Clifford Bryant <CBryant at edgewater.com> wrote:
>>  Hello,
>>
>>
>>
>> We are attempting to logout of the CAS application, but the "service"
>> parameter is not redirecting to the client application.
>>
>>
>>
>> Here is the URL that we are sending to CAS logout.
>>
>>
>>
>>
>> https://rsdev01:8443/cas/logout?service=https://rsdev01:8443/terms/CasLogin.jsp
>>
>>
>>
>> It is going to the CAS logout screen, and says "Logout successful," but it
>> is not redirecting back to the client application.
>>
>>
>>
>> Cliff Bryant
>>
>>
>>
>> This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed.  This communication may contain information that is protected from disclosure by applicable law.  If you are not the intended recipient, or the employee or agent responsible for delivering this communication to the intended recipient, be advised that you have received this e-mail in error and any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited.  If you believe that you have received this e-mail in error, please immediately notify Edgewater Technology by telephone at (781) 246-3343 and delete the communication from all e-mail files.
>>
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>
>>
> 
> 

_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu
http://tp.its.yale.edu/mailman/listinfo/cas


       
____________________________________________________________________________________
Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it's updated for today's economy) at Yahoo! Games.
http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20071012/e51e3d82/attachment.html

More information about the cas mailing list