JWTs and Microservice

42 views
Skip to first unread message

Giuseppe Infurna

unread,
Nov 29, 2018, 4:26:10 AM11/29/18
to CAS Community
Hi, 
I have a web application connected with Cas 5.3.5 and it works.
After logging into Cas, I return to my application with redirect=true&ticket=eiyece ............. in url address
Web application validates the jwt and creates a session cookie as explained here.


Now, from my application I want to invoke remote microservices on a my third app passing the jwt (ticket) that cas had provided me. 
This  remote app valid the jwt and ok, but it should be registered on cas? is it a correct practice?

Regards
Giuseppe

Misagh Moayyed

unread,
Dec 4, 2018, 7:40:59 AM12/4/18
to CAS Community
It shouldn't have to be registered, and no it's not considered "correct practice" to share in most cases.

Giuseppe Infurna

unread,
Dec 5, 2018, 4:15:16 AM12/5/18
to CAS Community
OK, so what is a good practice with microservice and cas authentication.and authorization?

regards
Giuseppe
Reply all
Reply to author
Forward
0 new messages