Home How to validate an ACCESS TOKEN from CAS server in spring resource server?
Reply: 0

How to validate an ACCESS TOKEN from CAS server in spring resource server?

Filip Majernik
1#
Filip Majernik Published in 2017-07-05 13:33:21Z

I have a following architecture:

  • a CAS server 5.1 which is acting as a OAuth2 server
  • Resource server implemented by the Spring REST API
  • Angular JS GUI which accesses the REST API

When logging into the application, the user enters his username/password and these get send to the CAS server to obtain the access token (within the resource owner password schema). With this token, the angular GUI should be querying the resource server. Now the following questions:

1.) With every call to the REST API the access token must be validated. But the only one who can validate this is the CAS authorization server. So does this mean, with every REST API request the resource server must create another request to the CAS server and check if the token is valid? Or is there any other possibility?

2.) How can I configure the spring resource server security to check the access token with every request?

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.24241 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO