1) For a GET requests using the java cas client, it goes like this: Browser does a GET on https://foo.example.com/foo
Service returns a 302 with Location: https://cas.example.com/cas/login?service=https%3A%2F%2Ffoo.example.com%2Ffoo. The original URL is in the service query parameter. Browser does a GET to https://cas.example.com/cas/login?service=https%3A%2F%2Ffoo.example.com%2Ffoo. CAS returns a 200 with the login page. The login page has the same URI inside it for the POST of the username/password. Browser does a POST with username/password to https://cas.example.com/cas/login?service=https%3A%2F%2Ffoo.example.com%2Ffoo. Again the original URI is preserved in the service parameter. CAS returns a 302 with Location: https://foo.example.com/foo?ticket=ST-123456789 Browser does a GET on https://foo.example.com/foo?ticket=ST-123456789 2) The body of a POST request will not be preserved. If a POST is working it is because you've already established a session via a prior login. David Ohsie ASD Arch. and Advanced Dev. 410-929-2092 -----Original Message----- From: Guy Thomas [mailto:[email protected]] Sent: Wednesday, April 10, 2013 9:59 AM To: [email protected] Subject: [cas-user] Preserving the original request How does CAS succeed in keeping/restoring/... the original client request (even a POST request, for example with a file upload)? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
smime.p7s
Description: S/MIME cryptographic signature
