Restore original POST request after CAS authentication?

Question

I have json-rpc service accepting http POST-req only and would like it to use CAS SSO auth. The current request flow looks roughly like this:

POST host/service/  -> 302 redirect 
GET host/cas/login?service=https%3A%2F%2Fhost%2Fservice%2F -> 302 redirect
GET host/service/?ticket=ST-16-0rtrEQunbcbNdP16Eu07-cas -> 302 redirect
GET host/service/  -> 405 GET Method not supported

I suppose we need to convert last GET into POST with the original post body params saved. Any hints? Adding bare RequestCacheAwareFilter in the spring-sec chain did not help.

score 0 · Accepted Answer · answered Jun 30 '16 at 21:10

Looks like the only way to solve the problem is to avoid redirect on post. Thus, you need to make normal GET (when you detect 405 code on POST) to some known GET-accepting service url in the same webapp to redirect to/from CAS, then you can use POSTs safely.

Restore original POST request after CAS authentication?

1 Answers1