views:

453

answers:

1

I need to implement a CAS Proxy Granting Ticket System.

So I need to understand the system. There is a good doc here, but I have no idea about the proxyCallback I need.

Could someone explain me that ?

A: 

The CAS will invoke the pgtURL to provide a special ticket that will enable that application to acquire new tickets for other applications.
This is the setup in web.xml:

<servlet>
 <servlet-name>casproxy</servlet-name>
 <servlet-class>edu.yale.its.tp.cas.proxy.ProxyTicketReceptor</servlet-class>
 <load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
  <servlet-name>casproxy</servlet-name>
  <url-pattern>/casProxy/*</url-pattern>
</servlet-mapping>

To get a new ticket for another service with the special ticket:

SecurityContext sc = SecurityContextHolder.getContext();
CasAuthenticationToken auth = (CasAuthenticationToken)sc.getAuthentication();
String pgtIOU = auth.getProxyGrantingTicketIou();
String newTicket = ProxyTicketReceptor.getProxyTicket(pgtIOU, anotherService);

Then you redirect to that service giving to it the new ticket.

rodrigoap
Okay.I didn't noticed that I had to change web.xml.I'm not a Java guru. Are you meaning I have write some java code to enable proxy Granting ticket ?
Pilooz
You only need to code the part that use the PGT to obtain new tickets for other applications. The part that is in charge of receiving the PGT and store it for you to use it, is already coded in the ProxyTicketReceptor servlet.
rodrigoap