Reputation: 2511
Apereo CAS surrogate authentication with REST api
I'm successfully using Apereo 6.0.7 to authenticate my users via web login and JWT. I've also implemented delegate authentication to impersonate a given regular user with an admin profile.
Now I'd like to do the same procedure via Apereo REST API. I've successfully configured these API to authenticate a user with username and password. For example (via curl):
curl -k -X POST \
https://local.host.it:8444/cas/v1/tickets/ \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'token=true&username=andrea&password=secretpswd'
However I'm not able yet to perform a surrogate login. Using the configured separator to provide username adn surrogate doesn't work. For example, with / as separator (encoded as %2F):
curl -k -X POST \
https://local.host.it:8444/cas/v1/tickets/ \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'cache-control: no-cache' \
-d 'token=true&username=andrea%2Fsurrogate&password=secretpswd'
returns 401. Can anybody help me finding what's missing? Thank you.
Upvotes: 0
Views: 534
Answers (1)
Reputation: 2511
I've found the answer. Surrogate support for API REST has been introduced in version 6.2.0
https://github.com/apereo/cas/commit/678d78dba004289a93466cbec9d28bcae7d57a14
Upvotes: 0
Related Questions
- CAS Custom Authentication Handler Principal JSON Problem
- Maven CAS and restfullapi
- Spring Security with CAS rest (Direct login)
- Restful CAS client and Proxy Granting Tickets
- CAS server 4.0.x restlet api supplied credentials are null
- CAS authentication of a RESTful web service
- Working Java REST Client Example to access CAS REST API
- Implementing REST based authentication
- Single Sign on to secure REST APIs and internal web based system
- REST Authentication