I think the point is that the undocumented request without any parameters at all, to which we are required to respond with 200 OK for the server to actually make the documented request with the PGT, is pointless and therefore slightly inefficient.
I happen to agree with this, unless there is some reason for this additional, undocumented, request which escapes me. Best regards, /Fredrik Jönsson Norrström On Fri, 2010-05-07 at 16:56 +0200, Scott Battaglia wrote: > On Fri, May 7, 2010 at 9:46 AM, Nathan Kopp <[email protected]> > wrote: > <snip /> > > > > > Note also that I think this call is unnecessary and therefore > slightly inefficient. > > It authenticates the PGT request. Its another set of authentication > credentials. You could easily replace it with some other method of > authentication (i.e. passing a username/password). The point is that > a request for a proxy granting ticket is the same process as > requesting a TGT. The default authentication method happens to be > checking the cert and that the end point is responding. Its easily > sawappable with something else. > > Cheers, > Scott -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
