Jorge, The idea is that a web application should authenticate a user against CAS, and then it should establish its own *application session*. The CAS service ticket is no longer useful at this point (it is expired). The CAS TGC stays active so if you want to authenticate to an entirely different web application that also uses CAS, you will be issued a new ST for that service, and once validated, that web application would establish its own application session.
The idea is not that a web application should authenticate ever HTTP request against CAS. Thanks, Carl Waldbieser ITS Identity Management Lafayette College ----- Original Message ----- From: "Jorge Andres" <[email protected]> To: "CAS Community" <[email protected]> Sent: Wednesday, January 25, 2017 12:32:35 PM Subject: [cas-user] Re: Can CAS server use jwt tokens insted of TGT or ST tokens to mantain SSO??? Please somebody can to help me is a can achieve this with CAS or something else authentication server???? Thanks a lot..... El lunes, 23 de enero de 2017, 17:32:55 (UTC-5), Jorge Andres escribió: > > In the company where I work we want to implement SSO in our web apps and > desktop apps and we are thinking in CAS Server to accomplish it, but we are > looking to use JWT tokens. The main idea is that a client authenticate an > user against CAS with LDAP, when successful then CAS creates a JWT token > and returns it to the user so the user can use that token for the next > requests. This is to avoid to validate against CAS every time if the ticket > sent by the user is a valid ticket. > > can CAS server use a JWT token instead of TGTs and/or STs? if so, how to > achieve that? > > Thanks a lot. > > -- ---- Si usted no es destinatario y recibió este correo por error, agradeceremos que proceda a borrarlo. Por favor no copie, use ni divulge su contenido. If you are not the intended recipient and receive this e-mail in error, please delete it. Please do not copy, use and not disclose its contents. Antes de imprimir... Piense en su compromiso con el medio ambiente. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/3e3723ea-468f-4166-8547-e2d4fb242048%40apereo.org. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/619850187.14163228.1485366386671.JavaMail.zimbra%40lafayette.edu.
