This might be helpful: https://wiki.jasig.org/display/CASUM/Technical+Overview
Cheers, Dmitriy. On Apr 26, 2013, at 11:18 AM, Rohit Kotecha <[email protected]> wrote: > Hi All, > > I am integration with CAS with our spring security web application. > > I have some question on how CAS will generate Service ticket and on which > condition. > > Scenario: > > There are two application APP1 and APP2 which uses CAS. > When user is access secure resoure of APP1, CAS login page is display to > user,user enter credential and > submit form. on successful authentication CAS will be generate service ticket > say ST1 and store it on server side > as well it will generate CASTGC on client side. Also ST1 will be appended to > url and send back to APP1. > > So APP1 will send that ST to CAS server to validate it and it will get > validated by CAS server as ST is there on server side. > > Now When same user visit APP2 in other tab in same browser, request will come > first to application server and > as we have configured CAS client request will be delegated to CAS server. > > > SO CAS server will generate service ticket say ST2 for this request. > > So my question is base on which parameter/attribute CAS server will decide > whether to generate service ticket or to forward login page. > and how CAS server come to know same user has requested resource APP2? > > And for every subsequent secure resource new ST will be generated by CAS > Server for same application? or it just > validate the previous ticket ST2 on each secure request. > > Also share me link where i can find how CAS server internal ticket mechanism, > > > Thanks and Regards, > ROhit Kotecha > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -**************Nihilent*************** > " *** All information contained in this communication is confidential, > proprietary, privileged > and is intended for the addressees only. If youhave received this E-mail in > error please notify > mail administrator by telephone on +91-20-39846100 or E-mail the sender by > replying to > this message, and then delete this E-mail and other copies of it from your > computer system. > Any unauthorized dissemination,publication, transfer or use of the contents > of this communication, > with or without modifications is punishable under the relevant law. > > Nihilent has scanned this mail with current virus checking technologies. > However, Nihilent makes no > representations or warranties to the effect that this communication is > virus-free. > > Nihilent reserves the right to monitor all E-mail communications through its > Corporate Network. *** " > > *************************************************************************- -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
