The protocol isn't the issue. One should not be determining whether to use proxy validate or service validate based on the prefix of the ticket id. Supporting service or proxy validation is a configuration call (i.e. see the Java client). The deployer should be choosing what type of validation they wish to support rather than the ticket passed in determining.
Cheers, Scott On Thu, Jun 24, 2010 at 4:22 PM, Joachim Fritschi < [email protected]> wrote: > Hi Franco, > > i was confused by the same thing: > > https://issues.jasig.org/browse/PHPCAS-44 > > > http://jasig.275507.n4.nabble.com/CAS-returning-proxy-tickets-that-begin-with-ST-rather-than-PT-td1595324.html#a1595324 > > The reason for this confusing code is that the setST leads to a validateST > (CAS 1.0 validation) and setPT leads to a validatePT call (CAS 2.0) > validation. The CAS 2.0 validation accepts PTs and STs and doesn't care > about the ticket prefix. > The root "problem" it that all CAS Servers since 3.0 will return any proxy > or service ticket with a ST prefix. The cas protocol is a bit confusing in > this regard i guess. > > I'm planing to refactor all the methods within phpCAS to fix the confusion > for the 1.2 release and have tried to add some comments in the meantime for > the confusing functions. > > Cheers, > > Joachim > > > Am 24.06.2010 17:01, schrieb Franco: > > I see that in file client.php at line 703 it checks whether there a ST or >> PT ticket. Then, if this is the case, it call $this->setPT($ticket), even >> thought an ST ticket is present (I expected $this->setST($ticket) instead). >> Can not understand the reason for that. >> Thaks for your nice help. >> Franco >> >> > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
