How to add domain restriction to REST CAS
-
06-02-2021 - |
题
In our project we're using jasig CAS solution. Recently we've added RESTful interface. To be 100% secure I want to provide restriction on URLs. Only trusted URLs should be able to send requests to this API.
What is the best approach, does CAS support such requirement? So far I thought about:
- Some firewall/server configuration
- Create a Filter with lists of trusted URLs
解决方案 2
Actually, domain restriction is hard to maintenance in real-business-world. So better way is to choose different way to allow access for trusted services. Preferred way is for example: digital signature.
其他提示
it depends on your requirement, suppose your server has more than one application and you want restriction on selected application then go through
Create a Filter with lists of trusted URLs
Or You are sure that there is always only and only one application is available in your server then go through
Some firewall/server configuration