Hi Zac, You can check this page <https://jasig.github.io/cas/4.0.0/protocol/CAS-Protocol.html> from the new CAS documentation that has a diagram which explain the "Web Flow". It helped me a lot.
Germain Le 19/05/2014 22:30, Zac Harvey a ??crit : > Thanks Carlos, starting to see the whole picture now. > > So it sounds like something is going awry for me in step #3 just after CAS > authenticates the user. Perhaps under some conditions the CASTGC isn't being > generated and handed to the browser; or perhaps under some circumstances the > ticket registry isn't receiving the TGT. > > Last week you mentioned something about a scenario where CAS is installed as > root? How would you go about debugging this? > > Thanks again! > > -----Original Message----- > From: Carlos Fernandez [mailto:[email protected]] > Sent: Monday, May 19, 2014 4:17 PM > To: [email protected] > Subject: RE: [cas-user] CASTGC Cookie? > > The flow is: > > 1. User goes to CAS login page. > 2. User logs in. > 3. CAS authenticates user and generates a CASTGC cookie and hands it back to > browser. > a. If the user presented a service URL upon arriving at the login page, > CAS will also generate a service ticket and redirect the browser to that > service URL with the ST. > b. If not, CAS will display the "Login successful" page instead of > redirecting. > > The browser does not check the cookie's content, but only stores it until it > expires or CAS says to delete it. > > Best regards, > -- > Carlos. > > > -----Original Message----- > From: Zac Harvey [mailto:[email protected]] > Sent: Monday, 19 May, 2014 15:41 > To: [email protected] > Subject: RE: [cas-user] CASTGC Cookie? > > Thanks Carlos & Marvin, > > That makes more sense. But I'm still not fully understanding the flow: > > 1. User goes to CAS login page. > 2. User logs in. > 3. CAS authenticates user and generates a CASTGC cookie and hands it back to > browser. > 4. Browser does a check to see if it has a CASTGC cookie, and if not, > redirects back to the login page (?) > > Thanks for any clarification here! > > Zac > > -----Original Message----- > From: Marvin Addison [mailto:[email protected]] > Sent: Monday, May 19, 2014 3:35 PM > To: [email protected] > Subject: Re: [cas-user] CASTGC Cookie? > >> 1. What is the CASTGC cookie? What role does it play when logging in? >> 2. When is the CASTGC cookie generated? >> 3. What happens if the CASTGC cookie isn't present when the user signs in? > I believe the following section of the CAS protocol document answers all the > above: > > http://www.jasig.org/cas/protocol#ticket-granting-cookie > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user > -- Germain Souquet Direction du Syst??me d'Information Universit?? de La Rochelle http://dsi.univ-lr.fr http://www.univ-larochelle.fr -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
