>> The CAS 2 protocol supports
>> both a code and a description, but only the former is passed to
>> clients in many important cases.
>
> That's an incorrect statement.  You didn't follow the code:

You're absolutely right, sorry.

> Again, I'm
> quite confident you've seen a CAS server validation error and seen the
> appropriate messages being returned and not the code.

You're right, and it's my experience with these messages that is the
basis for the suggestion for providing more detail.  I apologize for
getting off track with incomplete code review.

I stand firm that the failure messages sent to clients can be vague.
Compare the specificity of what's logged versus the generality of the
message.properties template for ticket validation failure:

        if (serviceTicket == null) {
            if (log.isDebugEnabled()) {
                log.debug("ServiceTicket [" + serviceTicketId
                    + "] does not exist.");
            }
            throw new InvalidTicketException();
        }


INVALID_TICKET=ticket ''{0}'' not recognized


In the former case I know exactly why it didn't validate, whereas in
the latter I have to guess whether it was a non-existent ticket or
expired ticket.  In many cases there may be little difference, but if
you're troubleshooting a ticket expiration policy problem it could be
very helpful to know the difference.

M
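
The distinction asked for above, as an added example that is not part of the original message and is not CAS source code. The Failure codes, the expired-ticket template, the in-memory registry and the ticket ids are all hypothetical and constructed for illustration:

```java
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.Map;

// Added illustration; every class, code and template below is hypothetical, not CAS source.
public class TicketValidationDemo {

    // Hypothetical failure codes: one per cause instead of a single INVALID_TICKET.
    enum Failure { TICKET_NOT_FOUND, TICKET_EXPIRED }

    // Properties-style templates; '' is MessageFormat's escaped single quote.
    static final Map<Failure, String> TEMPLATES = new HashMap<>();
    static {
        TEMPLATES.put(Failure.TICKET_NOT_FOUND, "ticket ''{0}'' not recognized");
        TEMPLATES.put(Failure.TICKET_EXPIRED, "ticket ''{0}'' has expired");
    }

    // Carries the cause to the caller so the client response can name it.
    static class ValidationException extends Exception {
        final Failure failure;
        ValidationException(Failure failure, String ticketId) {
            super(MessageFormat.format(TEMPLATES.get(failure), ticketId));
            this.failure = failure;
        }
    }

    // Constructed registry: ticket id -> expiry time in epoch milliseconds.
    static final Map<String, Long> REGISTRY = new HashMap<>();

    static void validate(String ticketId, long now) throws ValidationException {
        Long expiresAt = REGISTRY.get(ticketId);
        if (expiresAt == null) {
            throw new ValidationException(Failure.TICKET_NOT_FOUND, ticketId);
        }
        if (now >= expiresAt) {
            throw new ValidationException(Failure.TICKET_EXPIRED, ticketId);
        }
    }

    public static void main(String[] args) {
        long now = 1_000_000L;
        REGISTRY.put("ST-1-live", now + 10_000L);   // still valid
        REGISTRY.put("ST-2-old", now - 1L);         // already expired
        for (String id : new String[] {"ST-1-live", "ST-2-old", "ST-3-unknown"}) {
            try {
                validate(id, now);
                System.out.println(id + ": valid");
            } catch (ValidationException e) {
                System.out.println(id + ": " + e.failure + " - " + e.getMessage());
            }
        }
    }
}
```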
