0

I have two different spring web applications with authentication,

  • My first application has to get some responses from second application in order to show the required details to the user. Now the problem is, Since the second app also secured I'm unable to get responses from it. Suggest me how can I authenticate second app from server code at first app.

Note: I tried to use CAS server, It returned me the login page's html text when I made a request.

Sasikumar
  • 675
  • 2
  • 7
  • 17
  • Sounds like a good use case for OAuth2 - one app wanting to access a resource on behalf of a user. – Shaun the Sheep May 22 '14 at 12:46
  • @LukeTaylor Thanks for your valuable answer, I have another doubt now, Upto my knowledge the main purpose of OAuth2 is to ask user, authorize the third party application to use user resources from OAuth provider. But in my requirement I don't have to ask user since third party doesn't involves. Both apps are mine. – Sasikumar May 23 '14 at 12:57
  • OAuth2 doesn't have to involve the end user. Either the approval of access could be built into the system or it can use a "client credentials" grant, where access is granted purely on basis of the client's identity. – Shaun the Sheep May 23 '14 at 14:38
  • Thanks LukeTaylor, I'll try OAuth2 and get back to this discussion if facing any issues. Thanks a lot again. – Sasikumar May 24 '14 at 02:26

1 Answers1

0

Refer to this https://stackoverflow.com/a/24486898/3487801. Services could be secured using CAS. All you need to do is to add restlet module on your cas server and build a simple Java client to get the ticket and authenticate to your service.

Some says, there is no working Java client for headless CAS. But groovy example on the CAS restful API https://wiki.jasig.org/display/casum/restful+api is actually working. You need to get it modified just a little bit to get it work.

Community
  • 1
  • 1
rama3i
  • 156
  • 1
  • 7