I wrote a CAS client for JIRA/Seraph and can redirect, authenticate, and redirect back. CAS logs that the simple handler auth'ed troy and that service ticket ST-[..] was granted. Browser receives a CASTGC cookie with TGT-[..] contents.
Looks good until my CAS client calls: String us = (String) request.getSession().getAttribute(CASFilter.CAS_FILTER_USER); .. which returns null. Anyone know if I need to enable non-default options to make the tickets actually persist? Or other ideas why the credential wouldn't stick around? The service is / and CAS is in /cas/, all 100% SSL. Same thing happens if I hit /cas/, login, then hit /. Here's the web.xml params: <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://j.sr.com/cas/login</param-value> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://j.sr.com/cas/serviceValidate</param-value> <param-name>edu.yale.its.tp.cas.client.filter.serverNamue</param-name> <param-value>j.sr.com</param-value> (also tried j.sr.com:443) Any pointers appreciated, Troy _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
