Obtaining a Ticket Granting Ticket and a Service Ticket for an API

[idilov]

I am going to call a Java REST API from .net. The API is secured by CAS.
Does this project cover the protocol described here i.e. getting, validating, caching, deleting and error-handling a TGT and a ST for an API?
If this is out of scope for dotnet-cas-client, is there any .net library or .net example for accessing a REST API after authenticating via CAS server?

[phantomtypist]

This client does not contain the code to handle TGT via the CAS REST protocol. If you'd like you can contribute that code and submit a PR.

[KhanhVanCong]

I have this problem with API. I have one client app use the outer CAS to authentication and one other server API to authorization as well as get data. In the client web app, when the user was verified from the CAS server, How can I tell other server API that the user is authenticated and generate token? Do you have any experience with this problem?

[TheHokieCoder]

@KhanhVanCong You will not be able to, out of the box, use the same token/authentication cookie generated by this ASP.NET CAS client to perform authentication/authorization with your API server that is another application/server. And as @phantomtypist mentioned earlier, this client does not currently support CAS via REST. What you are looking for is the ability to secure two or more microservices with the same authentication system (CAS, in this case), which unfortunately is outside the scope of this project.

[KhanhVanCong]

@TheHokieCoder Thank you for your support.