I was looking at login-webflow.xml today (investigating an unrelated problem), and noticed that it might be possible for a browser to get to the "generic login success" page with an invalid TGT.
The ticketGrantingTicketExistsCheck state (line 11 in login-webflow.xml for version 3.4.3) does not seem to check the validity of the TGT, only its existence. If there is no service parameter, you essentially end up right at the "generic login success" view. Of course, this doesn't expose anything of value, as if you try this with a service parameter, the bogus TGT is exposed and you're forced to log in. Is my logic sound here, or am I missing something?

Thanks,
Rich

--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
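To make the flow branch Rich describes concrete, here is an added model of the relevant decision states, written for this thread and not taken from CAS or from the poster. The state names `ticketGrantingTicketExistsCheck` and the "generic login success" view come from the post; the ticket registry, the `expired` flag, the service-ticket helper and the hardened `ticketGrantingTicketValidCheck` state are assumptions made for the illustration, not CAS API. The first flow reproduces the observation (a bogus TGT cookie with no `service` parameter lands on the success view), the second shows the check a reviewer would want in its place.

```python
"""Model of the CAS login-webflow branch discussed above (added example).

State names follow the post; the registry, the expiry flag and the
'valid check' state are assumptions for the model, not CAS code.
"""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class TicketGrantingTicket:
    ticket_id: str
    expired: bool = False      # stands in for CAS expiration policy (assumption)


class TicketRegistry:
    """Minimal stand-in for a ticket registry (assumption, not CAS's class)."""

    def __init__(self) -> None:
        self._tickets: Dict[str, TicketGrantingTicket] = {}

    def add(self, tgt: TicketGrantingTicket) -> None:
        self._tickets[tgt.ticket_id] = tgt

    def get(self, ticket_id: str) -> Optional[TicketGrantingTicket]:
        return self._tickets.get(ticket_id)


def tgt_is_valid(registry: TicketRegistry, tgt_id: Optional[str]) -> bool:
    """Validity means: present in the registry and not expired."""
    if not tgt_id:
        return False
    tgt = registry.get(tgt_id)
    return tgt is not None and not tgt.expired


def generate_service_ticket(registry: TicketRegistry, tgt_id: str,
                            service: str) -> Optional[str]:
    """Service-ticket generation fails for an unknown or expired TGT,
    which is where the post says the bogus TGT gets exposed."""
    if not tgt_is_valid(registry, tgt_id):
        return None
    return f"ST-for-{service}-from-{tgt_id}"       # constructed, not a real ST format


def login_flow_exists_check(registry: TicketRegistry, tgt_cookie: Optional[str],
                            service: Optional[str]) -> str:
    """Flow as read from the post: the TGT is only checked for existence."""
    if not tgt_cookie:                      # ticketGrantingTicketExistsCheck
        return "viewLoginForm"
    if service is None:                     # hasServiceCheck: no service parameter
        return "viewGenericLoginSuccess"    # reached with any cookie value at all
    if generate_service_ticket(registry, tgt_cookie, service) is None:
        return "viewLoginForm"              # bogus TGT surfaces here
    return "redirectToService"


def login_flow_valid_check(registry: TicketRegistry, tgt_cookie: Optional[str],
                           service: Optional[str]) -> str:
    """Hardened variant (assumed state name 'ticketGrantingTicketValidCheck'):
    consult the registry before deciding anything about the service parameter."""
    if not tgt_is_valid(registry, tgt_cookie):
        return "viewLoginForm"
    if service is None:
        return "viewGenericLoginSuccess"    # only a live TGT gets here now
    if generate_service_ticket(registry, tgt_cookie, service) is None:
        return "viewLoginForm"
    return "redirectToService"


def build_registry() -> TicketRegistry:
    """Constructed sample registry: one live TGT, one expired TGT."""
    registry = TicketRegistry()
    registry.add(TicketGrantingTicket("TGT-live"))
    registry.add(TicketGrantingTicket("TGT-stale", expired=True))
    return registry


if __name__ == "__main__":
    reg = build_registry()
    for cookie in ("TGT-live", "TGT-stale", "TGT-bogus", None):
        for svc in (None, "https://app.example/login"):
            print(f"cookie={cookie!s:10} service={svc!s:28} "
                  f"exists-check -> {login_flow_exists_check(reg, cookie, svc):24} "
                  f"valid-check -> {login_flow_valid_check(reg, cookie, svc)}")
```

Running the block prints one row per cookie/service combination; the rows for `TGT-bogus` and `TGT-stale` with no service parameter are the ones that differ between the two flows. As the post notes, the existence-only flow leaks nothing a caller could use, since the first attempt to obtain a service ticket still fails, but validating against the registry up front keeps the success view from being shown for a cookie the server never issued.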
