Authentication flows: (v5.3)
1) UI authentication (stateful/indirect client)
pac4j
supports UI authentication, that is stateful/indirect client: the user is redirected to the external identity provider, logs in and is finally redirected back to the application.
CAS specific stateful authentication flow:
2) Web services authentication (stateless/direct client)
pac4j
also supports web services authentication, that is stateless/direct client: credentials are passed with the HTTP request and an Authenticator
must be defined to validate the credentials (a specific ProfileCreator
can also be defined to get the user profile from another source).