Question

In our project we're using the Jasig CAS solution. Recently we've added a RESTful interface. To be 100% secure I want to provide a restriction on URLs. Only trusted URLs should be able to send requests to this API.

What is the best approach? Does CAS support such a requirement? So far I thought about:

  • Some firewall/server configuration
  • Create a Filter with lists of trusted URLs

Solution 2

Actually, domain restriction is hard to maintain in the real business world. So a better way is to choose a different way to allow access for trusted services. The preferred way is, for example, a digital signature.
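
The signature approach suggested in this answer, as an added example (not part of the original answer and not CAS code): each trusted service signs its request with a private key, and the API verifies it against a public key registered for that service. The class name, key id, path, canonical-string layout and 300-second freshness window are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.Map;

public class SignedRequestCheck {
    // Assumed: how far a request timestamp may drift from server time (limits replay).
    static final long MAX_SKEW_SECONDS = 300;

    // Bytes covered by the signature; the field choice is an assumption of this example.
    static byte[] canonical(String method, String path, long ts, String body) {
        return (method + "\n" + path + "\n" + ts + "\n" + body).getBytes(StandardCharsets.UTF_8);
    }
    // Client side: a trusted service signs the request with its private key.
    static String sign(PrivateKey key, String method, String path, long ts, String body)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(key);
        s.update(canonical(method, path, ts, body));
        return Base64.getEncoder().encodeToString(s.sign());
    }
    // Server side: accept only registered key ids, fresh timestamps and valid signatures.
    static boolean verify(Map<String, PublicKey> trusted, String keyId, String method,
                          String path, long ts, String body, String sigB64, long now) {
        PublicKey pub = trusted.get(keyId);
        if (pub == null || Math.abs(now - ts) > MAX_SKEW_SECONDS) return false;
        try {
            Signature s = Signature.getInstance("SHA256withECDSA");
            s.initVerify(pub);
            s.update(canonical(method, path, ts, body));
            return s.verify(Base64.getDecoder().decode(sigB64));
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return false; // malformed signature or unusable key: reject
        }
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("EC");
        g.initialize(256);
        KeyPair kp = g.generateKeyPair(); // constructed demo key pair
        Map<String, PublicKey> trusted = Map.of("demo-service", kp.getPublic());
        long now = System.currentTimeMillis() / 1000;
        String p = "/api/example", body = "{\"user\":\"alice\"}"; // constructed sample request
        String sig = sign(kp.getPrivate(), "POST", p, now, body);
        System.out.println(verify(trusted, "demo-service", "POST", p, now, body, sig, now));        // untampered request
        System.out.println(verify(trusted, "demo-service", "POST", p, now, body + "x", sig, now));  // altered body
        System.out.println(verify(trusted, "unknown", "POST", p, now, body, sig, now));             // unregistered caller
        System.out.println(verify(trusted, "demo-service", "POST", p, now - 3600, body, sig, now)); // stale timestamp
    }
}
```

In a servlet filter, the key id, timestamp and signature would typically arrive as request headers, and the filter would reject the request before it reaches the REST handler when `verify` returns false.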

OTHER TIPS

It depends on your requirement. Suppose your server has more than one application and you want the restriction on a selected application, then go with:

Create a Filter with lists of trusted URLs

Or, if you are sure that there is always one and only one application available on your server, then go with:

Some firewall/server configuration
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow