Regarding JWT and CAS Server


Ajay Madhavan

Oct 18, 2016, 12:33:38 AM
to cas-...@apereo.org
I want to use the CAS server to authenticate since it gives me good integration with RADIUS and AD. I would like to generate a JWT instead of a service ticket. Do you think that will be possible? Do you think it would be possible to just add the JSON Web Token generator inside CAS to generate a token after authentication in the required format?

Thanks
Ajay

Jérôme LELEU

Oct 18, 2016, 4:08:08 AM
to Ajay Madhavan, CAS Community
Hi,

We already generate JWTs for the OpenID Connect protocol so for sure, it's feasible.
For example, you can create some controller to return a JWT generated by pac4j based on the CAS user identity. Replacing the service ticket validation by a returned JWT would be more work.
Thanks.
Best regards,
Jérôme


--
CAS gitter chatroom: https://gitter.im/apereo/cas
CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
CAS documentation website: https://apereo.github.io/cas
CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
To post to this group, send email to cas-...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CANFzPuKkswNvQdo%3DYB9T7WrH0bj9MF9tBjN1jMS3%3DTbb28JVCg%40mail.gmail.com.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.

Ajay Madhavan

Oct 18, 2016, 12:27:03 PM
to Jérôme LELEU, CAS Community
Hi Jerome,

Thanks for your response. Where do I plug in this controller to replace the original ticket generation inside CAS?

Regards
Ajay


Jérôme LELEU

Oct 21, 2016, 2:09:17 AM
to Ajay Madhavan, CAS Community
Hi,

"pac4j needs cas-server-core 4.0.0": how do you see that?

Thanks.
Best regards,
Jérôme


2016-10-21 1:05 GMT+02:00 Ajay Madhavan <ajay...@gmail.com>:
Hi Jerome,

I see that pac4j needs cas-server-core 4.0.0. But I use cas-server-core 3.5.2.1. Is it compatible with that?

Regards
Ajay

Ajay Madhavan

Oct 21, 2016, 3:33:49 AM
to Jérôme LELEU, CAS Community
Hi Jerome,

I see that pac4j needs cas-server-core 4.0.0. But I use cas-server-core 3.5.2.1. Is it compatible with that?

Regards
Ajay


Ajay Madhavan

Oct 21, 2016, 11:50:57 PM
to Jérôme LELEU, CAS Community
Sorry, my bad. I did not understand what you meant initially.

I was able to make pac4j work on my webapp. Also, I was able to work on the suggestion you provided to use the CAS identity but use JWTGenerator for the JWT instead of service tickets.

As far as validation goes, I think I will move to JWT validation rather than CAS ticket validation.

Your piece of advice was extremely helpful.

Regards
Ajay
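
Added example, not part of the thread and not pac4j or CAS code: a CAS service ticket is bound to one service and expires quickly, and a JWT that replaces it keeps those properties only if the validating service checks them. The sketch below uses only the Python standard library; the function names, the claim layout and the HS256 shared secret are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_jwt(secret, user, service, ttl=60, now=None):
    """Issuer side: mint an HS256 JWT for an already-authenticated user."""
    now = int(time.time() if now is None else now)
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": user, "aud": service, "iat": now, "exp": now + ttl}
    signing_input = ".".join(
        b64url_encode(json.dumps(part).encode()) for part in (header, claims))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url_encode(sig)}"

def validate_jwt(secret, token, service, now=None):
    """Service side: return the claims or raise ValueError."""
    now = int(time.time() if now is None else now)
    try:
        h64, c64, s64 = token.split(".")
        header, claims = json.loads(b64url_decode(h64)), json.loads(b64url_decode(c64))
        sig = b64url_decode(s64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("header and claims must be JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm; never let the token's header select it (rejects "none").
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{h64}.{c64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise ValueError("bad signature")
    # Short lifetime, like a service ticket.
    if not isinstance(claims.get("exp"), int) or now >= claims["exp"]:
        raise ValueError("expired")
    # Bound to one service, like a service ticket.
    if claims.get("aud") != service:
        raise ValueError("wrong audience")
    return claims

if __name__ == "__main__":
    key = b"constructed-demo-secret"            # constructed sample values
    svc = "https://app.example.org/"
    print(validate_jwt(key, issue_jwt(key, "jdoe", svc), svc))
```

A service ticket is also single-use, which this sketch does not reproduce: the token can be replayed until `exp`, so keep `ttl` short or track a per-token identifier on the validating side.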