After authentication, can we put the TGT ID in the flow scope rather than the request scope? WebUtils puts it in the request scope, but the password manager occasionally needs to hijack the login flow after authentication but before the user is redirected to the requested service. The problem is that when the password manager is done, the TGT ID that was in the request scope is long gone, and the generateServiceTicket action fails. Unless there was a particular reason why request scope was chosen over flow scope (aside from the fact that the request scope was good enough until now), can I propose the TGT goes into the flow scope? Any thoughts?
Thanks, Drew -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
