Sorry you misunderstood. I don't mean to say service ignores the validation failure. Service for sure respects the validation. I mean to say even he is successfully authenticated the authorization will be in control of service. The CAS protocol clearly says that. This means even he the ticket is valid whether he should access the service or not will be decided by the service itself.
-----Original Message----- From: Marvin Addison [mailto:[email protected]] Sent: Monday, March 22, 2010 12:50 AM To: [email protected] Subject: Re: [cas-user] small help > Even if > the ticket is validated it is the services which determines the access for > the user. If you mean that the service could choose to ignore a validation failure, or conversely, to deny a success, then the service is ultimately in control. Services must be designed to collaborate with the protocol; this is no different than any other protocol that requires participants to agree to the terms of the protocol for proper behavior. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
