Does someone have a valid example on CAS Proxy Granting Ticket?
I need to implement a CAS Proxy Granting Ticket System.
So I need to understand the system. There is a good doc here, but I have no idea about the proxyCallback I need.
Could someone explain me that ?
Answer
The CAS will invoke the pgtURL to provide a special ticket that will enable that application to acquire new tickets for other applications.
This is the setup in web.xml:
<servlet>
<servlet-name>casproxy</servlet-name>
<servlet-class>edu.yale.its.tp.cas.proxy.ProxyTicketReceptor</servlet-class>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>casproxy</servlet-name>
<url-pattern>/casProxy/*</url-pattern>
</servlet-mapping>
To get a new ticket for another service with the special ticket:
SecurityContext sc = SecurityContextHolder.getContext();
CasAuthenticationToken auth = (CasAuthenticationToken)sc.getAuthentication();
String pgtIOU = auth.getProxyGrantingTicketIou();
String newTicket = ProxyTicketReceptor.getProxyTicket(pgtIOU, anotherService);
Then you redirect to that service giving to it the new ticket.