1 / 15

CAS Proxy Protocol

CAS Proxy Protocol. By Matthew Selwood Web and Identity Services Developer – Web Services University of Victoria. CAS. CAS Proxy Client. User. Proxy Service. TGC. -User is already authenticated (possesses TGC). CAS. CAS Proxy Client. /login – TGC. User. Proxy Service. TGC.

dooley
Download Presentation

CAS Proxy Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CAS Proxy Protocol By Matthew Selwood Web and Identity Services Developer – Web Services University of Victoria

  2. CAS CAS Proxy Client User Proxy Service TGC -User is already authenticated (possesses TGC)

  3. CAS CAS Proxy Client /login – TGC User Proxy Service TGC -User tries to access resource

  4. CAS CAS Proxy Client /login – TGC ST User Proxy Service TGC -User is already authenticated and returns with Service Ticket

  5. CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL /login – TGC ST User Proxy Service TGC

  6. HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL /login – TGC // PGT ST pgtIOU.plain User Proxy Service TGC -Callback from CAS that stores the pgtIOU on the proxy client

  7. HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL /login – TGC // PGT ST pgtIOU.plain User Proxy Service TGC

  8. pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT ST pgtIOU.plain User Proxy Service TGC -Response to /proxyValidate -Use the pgtIOU to determine the PGT

  9. /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT ST pgtIOU.plain User Proxy Service TGC

  10. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT ST pgtIOU.plain User Proxy Service TGC

  11. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT PT ST pgtIOU.plain User Proxy Service TGC

  12. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT PT ST pgtIOU.plain User Proxy Service TGC /proxyValidate - PT -CAS server checks that referer URL = targetService

  13. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC // PGT PT ST pgtIOU.plain User Proxy Service TGC /proxyValidate - PT ID

  14. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC Proxy Service Response // PGT PT ST pgtIOU.plain User Proxy Service TGC /proxyValidate - PT ID

  15. PT /proxy – targetService, PGT pgtIOU HTTP – 200(OK) HTTP GET /pgtURL - pgtIOU, PGT CAS CAS Proxy Client /proxyValidate – ST, pgtURL=client URL PGT /login – TGC Proxy Service Response // PGT PT ST pgtIOU.plain User Proxy Service TGC /proxyValidate - PT ID

More Related