JASIG CAS Login Programmatically (With Liferay )...

Question

Hi all,

I am using JASIG CAS for SSO login with liferay. Now, its working fine when i directly try to login, because the redirect is there with CASFilter. It redirects to CAS login page, and after login successfully it redirects to our application url provided.

Now i want to login into CAS using liferay's login portlet. This portlet is providing login in liferay, same as login but its submit URL is diff. So, CAS redirect is not working here.

And i don't want login prompt for CAS here. After login into liferay, I want to login directly in CAS. I have checked it using Apache HttpClient, but its not working. I have tried using POST method with all input fields. The problem is, CAS is using one hidden field named lt, which is random string everytime login page loads. So when i programmatically access the page i can't read this field.

If we give older lt then also its not working.

So, any other way anyone have seen?

Please help, its very critical thing.

thanks.

Answer 1

I forwarded the question in my Smile.fr company. See reply of one of my techs, translated, below.

lt field is login ticket, to get at CAS server prior to initiate authentication.

To avoid form CAS :

1. Get one login ticket at CAS server
2. Sen auth request with credentials, lt and back service url (the one we just have logged on)

Goin through CAS server is compulsory because he is the only able to send TGC, requested to get Services Tickets in return.

Few links :

https://wiki.jasig.org/display/CAS/Using+CAS+without+the+CAS+login+screen https://wiki.jasig.org/display/CAS/Using+CAS+without+the+Login+Screen

The "why not do this" in first link is stated as a good idea.

Best regards