Authentication flows: (v5.4)
1) UI authentication (stateful/indirect client)
pac4j supports UI authentication, that is stateful/indirect client: the user is redirected to the external identity provider, logs in and is finally redirected back to the application.
CAS specific stateful authentication flow:
2) Web services authentication (stateless/direct client)
pac4j also supports web services authentication, that is stateless/direct client: credentials are passed with the HTTP request and an
Authenticator must be defined to validate the credentials (a specific
ProfileCreator can also be defined to get the user profile from another source).