Hi Experts , I am new to CAS .
After going through the cas proxy documents and Walkthroughs , i could understand the use of a PGT and PT . But i am still very confused about the PGTIOU . My understanding is to connect to any backend service , the user requests for a PGT using a ST and once the PGT is available he can generate PTs further . I am a bit confused why the cas server sends PGTIOU , and if if it sends where from the callback URL gets the PGT . More specifically the bold lines below . *"A request is sent for a PGT through /serviceValidate or /proxyValidate URI. CAS server can't give PGT back in its response, because its not convinced of the requestor identity. If the requestor identity is the correct identity, then CAS says "IOU (I Owe You) a PGT" and sends PGTIOU. The requestor, having received a PGTIOU in the CAS response, and both a PGT and a PGTIOU from the proxy callback which was given as value of pgturl parameter when request is sent, will use the proxy-granting ticket IOU to correlate the proxy-granting ticket with the validation response. The requestor will then use the proxy-granting ticket for the acquisition of proxy tickets, if the requestor is the correct identity. "* Thanks in Advance . Sushant. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
