Open Doccrazy opened 7 years ago
It seems one project to come will need this feature to work. Have you found any time to spend on its implementation ?
Sorry, there has been no progress in implementing support for the CAS proxy flow. This is a complex feature that is not widely used, and has mostly been replaced by OAuth.
If possible, I would recommend switching your project to standardized OAuth 2.0 authentication. But contributions are always welcome! I don't think I will find the time to implement this in the near future.
thank you for your response, unfortunately, this upcoming application won't evolve to support oauth2.0 in a near future. I'm not sure i have the skills to develop this, i will try try to have a look.
Proxy ticket granting and validation is a mandatory CAS 2.0 feature and should be supported. However not many clients use it and it is not required for basic SSO functionality.
The basic flow is the following:
serviceValidate
during user login/proxy
/proxyValidate
instead of/serviceValidate
to validate the proxy ticketAffects the following endpoints:
/proxy
[CAS 2.0]/proxyValidate
[CAS 2.0]Web flow diagram: https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol.html#proxy-web-flow-diagram CAS specification link: https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#proxyvalidate-cas-20