CODEWITHSUNDEEP
ajaxspring-securitycas
acvcu
acvcu

Reputation: 2506

Calling RESTful services using CAS Proxy and Spring Security

I am currently using Spring Security with CAS as the authentication mechanism to secure a web app as well as my RESTful services API (on a separate server). I would like to make calls to the RESTful services from my web app within AJAX. I have successfully setup a CAS proxy from the web app to the services. What's the best way of calling the services with the PGT inside of my AJAX/JQuery code to retrieve the services data?

Right now I can successfully read services data using the following test servlet, but am wondering what approach to use with AJAX.

@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
String targetUrl = "https://example.com/services/helloworld";

final CasAuthenticationToken token = (CasAuthenticationToken) req
    .getUserPrincipal();
final String proxyTicket = token.getAssertion().getPrincipal()
    .getProxyTicketFor(targetUrl);

// Make a remote call using the proxy ticket
final String serviceUrl = targetUrl + "?ticket="
    + URLEncoder.encode(proxyTicket, "UTF-8");
String proxyResponse = CommonUtils.getResponseFromServer(serviceUrl);

resp.setStatus(HttpServletResponse.SC_OK);
resp.setContentType("text/plain");
PrintWriter writer = resp.getWriter();
writer.println(proxyResponse);
writer.flush();
}

Upvotes: 0

Views: 1072

Answers (1)

acvcu
acvcu

Reputation: 2506

I ended up throwing in the towel on this and moving to an OAuth 2 solution.

Upvotes: 1

Related Questions