> So my question is: based on which parameter/attribute will the CAS server decide whether to generate a service ticket or to forward the login page,
> and how does the CAS server come to know that the same user has requested resource APP2?

The first time the user logs in to CAS, CAS returns a TGC (Ticket Granting Cookie) to the browser. When the user is forwarded back to the CAS, the browser sends the TGC cookie back to the CAS login URI. If the TGC is valid, then CAS will not require another login. The co (However, you can force a new login using the "renew" query parameter http://www.jasig.org/cas/client-integration/renew).

Also, be careful with your terminology. CAS does not "forward" to the login page. Rather, the protected application (APP2) forwards with a 302 to the login URI. CAS either presents the login screen or forwards back to APP2 using a 302 with a service ticket attached in a query parameter. I suggest following along in your browser using a tool such as "httpfox" in Firefox.

> And for every subsequent secure resource, will a new ST be generated by the CAS server for the same application? Or does it just validate the previous ticket ST2 on each secure request?

Once an application has authenticated a user, it will typically generate a session cookie and not forward the user back on subsequent requests. If the application does forward the user back to CAS, a new ST will be generated. STs are one-time use.

> Also share with me a link where I can find how the CAS server's internal ticket mechanism works.
>
> Thanks and Regards,
> Rohit Kotecha
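Added example, not part of the original message and not the CAS server's own code: a toy in-memory model of the decision described in the reply above (valid TGC means a 302 back to the service with a fresh ST, "renew" forces the login form, and an ST validates only once). The class name MiniCas, its method names and the app2.example URL are hypothetical.

```python
import secrets
from urllib.parse import urlencode


class MiniCas:
    """Toy model of the CAS login decision; names are hypothetical."""

    def __init__(self):
        self.tgts = {}  # TGC value -> username (the SSO session)
        self.sts = {}   # unused service ticket -> (service, username)

    def authenticate(self, username):
        """Credentials are assumed already checked: open the SSO session
        and return the value the browser would store as the TGC."""
        tgc = "TGT-" + secrets.token_urlsafe(16)
        self.tgts[tgc] = username
        return tgc

    def login(self, service, tgc=None, renew=False):
        """Browser hits the login URI after the application's 302.
        Returns (200, "login form") or (302, redirect location)."""
        user = self.tgts.get(tgc)
        if user is None or renew:
            # No valid TGC, or the application asked for renew: show the form.
            return (200, "login form")
        # Valid TGC: mint a fresh ST bound to this service and send it back.
        st = "ST-" + secrets.token_urlsafe(16)
        self.sts[st] = (service, user)
        sep = "&" if "?" in service else "?"
        return (302, service + sep + urlencode({"ticket": st}))

    def validate(self, service, ticket):
        """Back-channel check made by the application. pop() consumes the
        ticket, so a replayed ST fails even for the right service."""
        issued = self.sts.pop(ticket, None)
        if issued is None or issued[0] != service:
            return None
        return issued[1]


if __name__ == "__main__":
    cas = MiniCas()
    app2 = "https://app2.example/"  # constructed sample service URL
    print(cas.login(app2))                       # no TGC yet: login form
    tgc = cas.authenticate("alice")              # user logs in once
    status, location = cas.login(app2, tgc=tgc)  # SSO: 302 with an ST
    st = location.split("ticket=")[1]
    print(status, cas.validate(app2, st), cas.validate(app2, st))
```

After validating the ST once, the application would set its own session cookie, which is why it does not need to return to CAS on each request.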
