CAS without login page?

[Yan Zhou]

Hello,

We have been using CAS 4.1 and also started looking at CAS 5.2.  I understand that one of the best practices of using CAS Is to always use CAS login page, because CAS provides a login flow, more than an API to validate username/password.

Still, user experience and business requirement sometimes desire an login experience without any redirect.  For instance, an unauthenticated user is going through checkout process, he will be prompted for user credential only when he starts to place orders.  We would prefer not having a redirect and have CAS login page take over the entire screen. 

Is CAS REST API the only option?  

Does CAS4 or CAS5 provide a UI-less way of integration? I have seen some talked about their home-made implementation for that, just thought if there is a standard way of doing so, especially with CAS 5 now released.

Thx!

[Ramakrishna G]

Yan Zhou,

I read your requirement. I think you have two options 

1. Customize CAS login page to your needs. Eg - Opening in a small popup

2. Using CAS Rest Protocal provided by CAS

https://apereo.github.io/cas/5.1.x/protocol/REST-Protocol.html

In the 2nd approach you need to design login page of your own and pass data to CAS server via post method.

Thanks

Ramakrishna

--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/41274cff-58e2-4695-8665-6ef9e780d555%40apereo.org.

[nilesh choudhary]

Hello Zhou,

We have similar requirements. To avoid CAS login page redirection which would be a sudden change of customer experience, we are using CAS REST protocol in backend. Another benefit we get is, we can restrict CAS server to internal connectivity and do not need to expose it to outside world. It is secured as it is shielded from direct brute force or any hacker attacks. 

Also the CAS 5.3.0 has TGT less authentication rest endpoint. It is a game changer for stateless API authentication. It would be nice if we could have got JWT support for that new API but it's still helpful. 

So far looking good but yet to get it in production.

-Nilesh Choudhary

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/41274cff-58e2-4695-8665-6ef9e780d555%40apereo.org.

--

- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.

To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.

To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGST5P_cQAnwjHBeE3UW41Lb8N2LUR0Smz8dbtTyjthN56BH-g%40mail.gmail.com.