I have a problem with my current architecture.
I have the following architecture:
API (rest): Grails Application
“App-2”: Grails Application (use Http Builder)
Both applications (API & App-2) use the CAS server for authentication, so I installed the
plugin “Spring-security-cas1.0.5” in both applications.
Both applications are authenticated on the CAS but they do not have the same session as each
application generates its own JSESSIONID.
I tried to intercept the Api jsessionid from the “App-2” and send it in the header of each
request, but it did not work.
Any ideas or suggestions, please?
Many Thanks
The problem occurred when we added the @Secured([‘ROLE_USER’]) on the controller application Rest.
If we want to get to the API through http builder from the application 2. There will be a rediraction to CAS authentifcation page.