Julien Herfurth wrote:
Hello Ben,
I use the 0.51 release in which I put some logging lines. That is the TicketResponse.getProxyGrantingTicketIou()
that return an empty string that causes the exception to be thrown. When I comment out the test
"".equals(proxyGrantingTicketIou) at line 69 into CasAuthenticationToken.java, everything happens
as expected. The unit test show that there will never be a null value, but also that an empty
string can happen. Perhaps the ticket emptyness should checked only for a non empty list of
proxies :-).
Thanks a lot for your answer,
Julien
PS : Thanks to all Acegi Security developers !
Hi Julien
I've just checked into CVS code that allows an empty String for proxyGrantingTicketIou in the CasAuthenticationToken constructor. The CasProxyDecider interface contract only provides access to the list of proxies anyway, so proxyGrantingTicketIous are not really used by Acegi Security. It's stored in CasAuthenticationToken so that users may access the PGT IOU ID, which in turn allows them to access the proxy granting ticket from the callback receptor - which is usually CAS' ProxyTicketReceptor servlet. This is discussed more in the reference guide under Advanced CAS Usage.
Thanks for assisting in working through this issue.
Best regards Ben
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
