I'm reading the protocol specification here:
In Section 2.6.2 there are example XML and JSON responses and a note which
when authentication has proceeded through multiple proxies, the order in
> which the proxies were traversed MUST be reflected in the block. The most
> recently-visited proxy MUST be the first proxy listed, and all the other
> proxies MUST be shifted down as new proxies are added. In the above
> example, the service identified by <https://proxy1/pgtUrl> was visited
> first, and that service proxied authentication to the service identified by
The XML example appears to follow this requirement, but the JSON does not.
Specifically, the JSON list is [ "https://proxy1/pgtUrl",
"https://proxy2/pgtUrl" ], but the way I read the requirement it should be
[ "https://proxy2/pgtUrl", "https://proxy1/pgtUrl" ].
Another thing is that I'm having a difficult time visualizing a scenario
where authentication would proceed through multiple proxies. Does anyone
have an example scenario to enlighten me?
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
You received this message because you are subscribed to the Google Groups "CAS
To unsubscribe from this group and stop receiving emails from it, send an email
To view this discussion on the web visit