Rest with CAS

[Rob Bugh]

Do the spring-security-cas and spring-security-rest plugins work together? I have an Angular UI authenticating against a rest-server that redirects to CAS for authentication. Briefly, UI calls a protected rest endpoint on the server.This redirects to CAS for the user to login, then back to the server and finally back to the UI. The question is can we set up the Rest Plugin to include an Auth-Token on the final response back to the UI? Or possibly set up another Rest endpoint on the server that does nothing but return the Auth-Token?

Regards,

Rob

[Alvaro Sanchez-Mariscal]

They do work together. s-s-rest can delegate the authentication to a 3rd party authorisation server (CAS in your case), so that the token response from CAS goes to the plugin, and the plugin will take care of generating the JWT and passing it back to your front-end.

See http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/index.html#_cas_central_authentication_service for more information.

Alvaro.

--
Spring Security REST
http://alvarosanchez.github.io/grails-spring-security-rest/
---
You received this message because you are subscribed to the Google Groups "Spring Security REST" group.
To unsubscribe from this group and stop receiving emails from it, send an email to spring-security-rest+unsub...@googlegroups.com.
To post to this group, send email to spring-security-rest@googlegroups.com.
Visit this group at https://groups.google.com/group/spring-security-rest.
To view this discussion on the web, visit https://groups.google.com/d/msgid/spring-security-rest/e26fcbb3-3a05-4787-9a51-b66aa9ad83d9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro Sanchez-Mariscal
alvaro.sanc...@gmail.com
twitter.com/alvaro_sanchez

[Rob Bugh]

I'm a little confused. How do I set up my filter chain? Do the rest endpoints in my app return a 401 or do they delegate to CAS? Just trying to understand how authentications works now.

Rob

On Tuesday, February 7, 2017 at 4:41:16 AM UTC-6, Álvaro Sánchez-Mariscal wrote:

They do work together. s-s-rest can delegate the authentication to a 3rd party authorisation server (CAS in your case), so that the token response from CAS goes to the plugin, and the plugin will take care of generating the JWT and passing it back to your front-end.

See http://alvarosanchez.github.io/grails-spring-security-rest/latest/docs/index.html#_cas_central_authentication_service for more information.

Alvaro.

2017-02-07 0:50 GMT+01:00 Rob Bugh <rob...@gmail.com>:

Do the spring-security-cas and spring-security-rest plugins work together? I have an Angular UI authenticating against a rest-server that redirects to CAS for authentication. Briefly, UI calls a protected rest endpoint on the server.This redirects to CAS for the user to login, then back to the server and finally back to the UI. The question is can we set up the Rest Plugin to include an Auth-Token on the final response back to the UI? Or possibly set up another Rest endpoint on the server that does nothing but return the Auth-Token?

Regards,

Rob

--
Spring Security REST
http://alvarosanchez.github.io/grails-spring-security-rest/
---
You received this message because you are subscribed to the Google Groups "Spring Security REST" group.
To unsubscribe from this group and stop receiving emails from it, send an email to spring-security-rest+unsub...@googlegroups.com.

To post to this group, send email to spring-sec...@googlegroups.com.

Visit this group at https://groups.google.com/group/spring-security-rest.
To view this discussion on the web, visit https://groups.google.com/d/msgid/spring-security-rest/e26fcbb3-3a05-4787-9a51-b66aa9ad83d9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.