Misagh, It could be an issue with the test, but it would seem that the same test would fail in CAS 4.2.x.
Here is the sequence of steps: 1) Post a user name and password to /cas/v1/tickets and get a Ticket Granting Ticket. 2) Post the Ticket Granting Ticket and registered service you want to access (in this case "/protected-web-app") to "/cas/v1/tickets/<TGT>" where TGT is the Ticket Granting Ticket and obtain a Service Ticket. 3) Send a GET request to "/cas/serviceValidate" containing the service to access, the Service Ticket, and the proxy URL of the service (in this case "/protected-web-app/proxyUrl" which is the CAS client). A Proxy Granting Ticket IOU will be issued. 4) Send a GET request to the proxy URL of the service (in this case "/protected-web-app/proxyUrl" which is the CAS client) and get a Proxy Granting Ticket. 5) Send a GET request to "/cas/proxy" containing the Proxy Granting Ticket and get a one-time use Proxy Ticket. 6) Send a GET request to "/cas/proxyValidate" containing the service to access (in this case "/protected-web-app"), the Proxy Ticket, and the proxy URL (in this case "/protected-web-app/proxyUrl" which is the CAS client). You should get the corresponding Proxy Granting Ticket and proxy URL that was issued for this Proxy Ticket. Step 6 is where it fails and says the Proxy Ticket was already used. I will look into this a bit more, but I am confused why this would work in CAS 4.2.x. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5d6daaa-9083-498a-9abc-8912f93af55e%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
