Thank you so much. I doubt on the following comment made by you.
"If the service ticket validates successfully, then the user is granted access to the service." The protocol clearly says when the service presents the ticket for validation it will be returned with Username and validation status. Even if the ticket is validated it is the services which determines the access for the user. -----Original Message----- From: Marvin Addison [mailto:[email protected]] Sent: Sunday, March 21, 2010 6:19 PM To: [email protected] Subject: Re: [cas-user] small help > There is no single token which > can give access to all the services configured against CAS. It is correct that no single token can give _direct_ access to a service. The ticket-granting ticket is used to grant access indirectly by granting a service ticket to the service, which in turn presents it to CAS. If the service ticket validates successfully, then the user is granted access to the service. The service ticket is then typically discarded since it is single use by default. This workflow is discussed in further detail at http://www.jasig.org/cas/protocol. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
