Hi,
We're using CAS 3.5.2 and are intermittently seeing the above error when a user attempt to login. When this happens, we notice the login ticket (lt) hidden form field value is different to the one shown in the error message, e.g. Error message was ticket 'LT-3809-ruffCnzXUSVmjenefNEAzOHsNPJV6P' not recognized Form field was <input type="hidden" name="lt" value="LT-3811-AiSyuqtMYYITAFiKt2SdWrPbBUaMIF" /> We only see this error on an initial login when the user first visits our CAS login page, typically (possibly always) after there has been a period of inactivity (i.e. no-one else has been using CAS to login). A subsequent attempt to login always succeeds. We are wondering if our browser is using a cached (and out-of-date) instance of the login dialog when this happens, but are not sure. As an aside, we have been able to force this error message to happen by manually changing the value in the login ticket field using browser developer tools. If anyone can shed any light on the details on how the login ticket is used at the server we would be most appreciative. Kind regards, Richard -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
