Hi, today i made a small presentation about the usage of CAS in a project (CAS in a clustered environment with JBossTicketRegistry). During some discussions about security we found that someone can inject own servicetickets into the serviceticketcluster and then perform a request with this injected serviceticket.
Have we overlooked something ? Frank _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
