Jose, Thank you very much for your replies. They were very helpful and I really appreciated them!
Pat -----Original Message----- From: José Miguel Parrella Romero [mailto:[email protected]] Sent: Tuesday, May 04, 2010 6:00 PM To: [email protected] Subject: Re: [cas-user] differences between authenticating via the web browser, the RESTful API, or proxying Guimaraes, Patricia (NIH/NLM) [C] escribió: > Did you mean this instead: Indeed. Sorry for the typos. > That is, if I go to http://app2/, shouldn’t I be redirected to > http://cas/login?service=http://app2/ and after authentication, be > redirected to* *http://app2/?ticket=ST instead of > http://app/?ticket=ST? If that is the case, then I guess the TGT is > really not tied to the service passed as a parameter to the /cas/login > URL. It is only used to redirect the user to that service after > authentication is complete. Is that correct? The TGT is stored in the user's session cookie for the CAS domain in order to grant new STs when needed. TGT is not tied to a service and if you pass it as the 'service' parameter it won't validate (at least in my setup using mod_auth_cas) -- you need a ST for that. > Also, when you say “if SSO is enabled”, isn’t SSO enabled by default > unless the renew parameter is specified and set to true? Yes. And also unless you disable SSO in a per-service basis on the service management interface (/cas/services) > I apologize if these seem like basic questions, but I’m really trying to > get a better understanding of how CAS works. I'm not an expert in CAS myself, but I hope to be helpful. -- José Miguel Parrella Romero (bureado.com.ve) PGP: 0×88D4B7DF Debian Developer Caracas, VE/Quito, EC -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
