I “might" know what the issue may be. Your final validation event is not failing because of expiration policies. That bit is fine. Your test is also fine. It’s failing afterwards where the validation spec does not allow use of proxies. Go ahead and submit an issue. Possible bean injection problem, etc. We’ll review it together.
Thanks! -- Misagh From: William <[email protected]> Reply: William <[email protected]> Date: August 23, 2016 at 6:33:56 AM To: CAS Community <[email protected]> Cc: [email protected] <[email protected]> Subject: Re: [cas-user] Possible Bug With Proxy Tickets In CAS 5.0.0.RC1-SNAPSHOT Misagh, It could be an issue with the test, but it would seem that the same test would fail in CAS 4.2.x. Here is the sequence of steps: 1) Post a user name and password to /cas/v1/tickets and get a Ticket Granting Ticket. 2) Post the Ticket Granting Ticket and registered service you want to access (in this case "/protected-web-app") to "/cas/v1/tickets/<TGT>" where TGT is the Ticket Granting Ticket and obtain a Service Ticket. 3) Send a GET request to "/cas/serviceValidate" containing the service to access, the Service Ticket, and the proxy URL of the service (in this case "/protected-web-app/proxyUrl" which is the CAS client). A Proxy Granting Ticket IOU will be issued. 4) Send a GET request to the proxy URL of the service (in this case "/protected-web-app/proxyUrl" which is the CAS client) and get a Proxy Granting Ticket. 5) Send a GET request to "/cas/proxy" containing the Proxy Granting Ticket and get a one-time use Proxy Ticket. 6) Send a GET request to "/cas/proxyValidate" containing the service to access (in this case "/protected-web-app"), the Proxy Ticket, and the proxy URL (in this case "/protected-web-app/proxyUrl" which is the CAS client). You should get the corresponding Proxy Granting Ticket and proxy URL that was issued for this Proxy Ticket. Step 6 is where it fails and says the Proxy Ticket was already used. I will look into this a bit more, but I am confused why this would work in CAS 4.2.x. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5d6daaa-9083-498a-9abc-8912f93af55e%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout. -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.57bc544f.c823e54.1718%40unicon.net. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
