JASIG-CAS provide SSO for web application. CASify a web application could make your application enjoy SSO.<\/p>\n
\r\ncurl --cookie-jar \/tmp\/c1.cookie -X GET -v https:\/\/cas.example.com\/cas\/login?service=http:\/\/www.abc.com|grep lt\r\n<\/pre>\nGet the login ticket,LT-XXXXXX…, ready for the step.\n<\/li>\n
\r\ncurl -X POST -d \"username=usrsid&password=verysecret<=LT-XXXXX...\" --cookie \/tmp\/c1.cookie --cookie-jar \/tmp\/c2.cookie -v https:\/\/cas.example.com\/cas\/login?service=http:\/\/www.abc.com\r\n<\/pre>\nYou may need to include execution & _eventId in the post data for recent version of CAS server<\/strong>\n<\/li>\n
Afterward, you should get the service ticket, ST-XXXXX…., now. Also, \/tmp\/c2.cookie contain the cookie of TGC. Laster, you could use the TGC to get the ST without providing username & password again.<\/p>\n
- Application use the service ticket to get the userid.\n
\r\ncurl -X GET -v 'https:\/\/cas.example.com\/cas\/serviceValidate?service=http:\/\/www.abc.com&ticket=ST-XXXXX...'\r\n<\/pre>\n<\/li>\nUserID shoud be returned.<\/p>\n
- Using TGC ticket without providing username & password to do authentication\n
\r\ncurl --cookie \/tmp\/c2.cookie -X GET -v https:\/\/cas.example.com\/cas\/login?service=http:\/\/www.abcd.com\r\n<\/pre>\nGet the ST from the reply.\n<\/li>\n
- \n
\r\ncurl -X GET -v 'https:\/\/cas.example.com\/cas\/serviceValidate?service=http:\/\/www.abcd.com&ticket=ST-XXXX...'\r\n<\/pre>\n<\/li>\n<\/ul>\n