You might find it easier (and more secure) to use the proxy capabilities of CAS.
https://apereo.github.io/cas/5.3.x/installation/Configuring-Service-Proxy-Policy.html
https://apereo.github.io/cas/5.3.x/protocol/CAS-Protocol.html#proxy-web-flow-diagram

Ray

On Thu, 2019-03-28 at 19:26 -0700, casuser wrote:

We have applications that are using CAS protocol as well as CAS REST protocol. 
For applications that are using the CAS REST protocol (especially mobile 
applications) we want to check if the user is already logged in to CAS SSO. If so 
then we want to let the user authenticate. We are using a memcached ticket 
registry. How can we check from memcached if the user has already logged in to CAS 
or not?

I want to make a web service that will act as a proxy in between CAS and the 
applications that are using CAS REST protocol. This web service will check 
whether the user is logged in to CAS or not. For that I can connect to memcached and 
get the stats of the slabs and the items in memcached. From there I can get the 
value using items as key but it is encrypted using FNV1_64_HASH hash algorithm 
and KRYO serialization. The value looks similar to a ticket granting cookie. 
Using the CAS REST protocol I can get a ticket granting ticket and service 
ticket for a service, validate the service ticket and get the CAS response for 
a user. Now I want to check against the memcached whether that user is already 
logged in to CAS or not.


This is my memcached configuration for CAS

cas.ticket.registry.memcached.servers=mymemcached:11211
cas.ticket.registry.memcached.locatorType=CONSISTENT
cas.ticket.registry.memcached.failureMode=Redistribute
cas.ticket.registry.memcached.hashAlgorithm=FNV1_64_HASH
cas.ticket.registry.memcached.shouldOptimize=false
cas.ticket.registry.memcached.daemon=true
cas.ticket.registry.memcached.maxReconnectDelay=-1
cas.ticket.registry.memcached.useNagleAlgorithm=false
cas.ticket.registry.memcached.shutdownTimeoutSeconds=-1
cas.ticket.registry.memcached.opTimeout=-1
cas.ticket.registry.memcached.timeoutExceptionThreshold=2
cas.ticket.registry.memcached.maxTotal=20
cas.ticket.registry.memcached.maxIdle=8
cas.ticket.registry.memcached.minIdle=0
cas.ticket.registry.memcached.transcoder=KRYO
cas.ticket.registry.memcached.transcoderCompressionThreshold=16384
cas.ticket.registry.memcached.kryoAutoReset=false
cas.ticket.registry.memcached.kryoObjectsByReference=false
cas.ticket.registry.memcached.kryoRegistrationRequired=false

cas.ticket.registry.memcached.crypto.signing.key=mykey
cas.ticket.registry.memcached.crypto.signing.keySize=512
cas.ticket.registry.memcached.crypto.encryption.key=mykey
cas.ticket.registry.memcached.crypto.encryption.keySize=16
cas.ticket.registry.memcached.crypto.alg=AES
cas.ticket.registry.memcached.crypto.enabled=true

I want to know how memcached is actually storing the tickets so that I can 
check for users if there is a ticket already present for them or not.

--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
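
An added example, not part of the original thread and not CAS project code: with the proxy flow suggested above, a backend decides whether a user is authenticated from the CAS /proxyValidate response rather than from the ticket registry, and should also check the proxy chain it reports. The host names, the allowlist and the sample responses below are constructed assumptions.

```python
import xml.etree.ElementTree as ET

CAS_URI = "http://www.yale.edu/tp/cas"
CAS_NS = {"cas": CAS_URI}
# Assumption: pgtUrl callbacks of the proxies this backend is willing to trust.
TRUSTED_PROXIES = {"https://mobile-gateway.example.org/cas/pgtCallback"}


class CasValidationError(Exception):
    """The validation response does not prove an authenticated user."""


def parse_proxy_validate(xml_text, trusted_proxies=TRUSTED_PROXIES):
    """Return (user, proxy_chain) from a /proxyValidate response body, or raise."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise CasValidationError(f"malformed response: {exc}") from exc
    if root.tag != f"{{{CAS_URI}}}serviceResponse":
        raise CasValidationError("not a CAS serviceResponse")
    failure = root.find("cas:authenticationFailure", CAS_NS)
    if failure is not None:
        detail = (failure.text or "").strip()
        raise CasValidationError(f"{failure.get('code')}: {detail}")
    success = root.find("cas:authenticationSuccess", CAS_NS)
    if success is None:
        raise CasValidationError("no success or failure element")
    user = success.findtext("cas:user", default="", namespaces=CAS_NS).strip()
    if not user:
        raise CasValidationError("success without cas:user")
    # Every proxy the ticket passed through is listed, most recent first.
    chain = [p.text.strip() for p in success.findall("cas:proxies/cas:proxy", CAS_NS) if p.text]
    untrusted = [p for p in chain if p not in trusted_proxies]
    if untrusted:
        raise CasValidationError(f"untrusted proxy in chain: {untrusted}")
    return user, chain


def _wrap(inner):
    """Build a constructed sample response around the given inner element."""
    return f'<cas:serviceResponse xmlns:cas="{CAS_URI}">{inner}</cas:serviceResponse>'


_OK = "<cas:authenticationSuccess><cas:user>casuser</cas:user><cas:proxies><cas:proxy>%s</cas:proxy></cas:proxies></cas:authenticationSuccess>"
SAMPLE_OK = _wrap(_OK % "https://mobile-gateway.example.org/cas/pgtCallback")
SAMPLE_UNTRUSTED = _wrap(_OK % "https://unknown.example.net/pgt")
SAMPLE_FAIL = _wrap('<cas:authenticationFailure code="INVALID_TICKET">Ticket PT-1-constructed not recognized</cas:authenticationFailure>')
```
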
