Re: pgt vs. pgtIou

Mon, 26 Feb 2007 22:26:13 -0800

Yes.  The specification is incorrect on this point.  Yale CAS Server 2.0.12 used the parameter "pgtId":

[
 /**
   * Contacts the URL with a PGT and an IOU, but only if the URL's
   * server's certificate appears appropriate for the URL.  Returns
   * <tt>true</tt> on success, <tt>false</tt> on failure of any kind.
   */
  private boolean callbackWithPgt(String callbackUrl,
                                  String pgtId,
                                  String iouId) {
    try {
      String target = null;
      if (callbackUrl.indexOf('?') == -1)
        target = callbackUrl + "?pgtIou=" + iouId + "&pgtId=" + pgtId;
      else
        target = callbackUrl + "&pgtIou=" + iouId + "&pgtId=" + pgtId;
      SecureURL.retrieve(target);

      // we succeeded!
      return true;

    } catch (IOException ex) {
      app.log("PGT callback failed: " + ex.toString());
      return false;
    }
  }

]


According to the original Yale Client, the pgtId that the CAS server sends is correct.  It looks like the specification in this instance is incorrect.

-Scott

On 2/26/07, Matt Zukowski <[EMAIL PROTECTED]> wrote:
Just a quick question for the JA-SIG CAS server programmers:

In section 2.5.4 of the protocol spec
(http://www.ja-sig.org/products/cas/overview/protocol/index.html ) it
says that the CAS server connects to the proxy callback url with two
parameters in the URI: "pgt" and "pgtUrl". However, it appears that the
JA-SIG CAS server actually uses "pgtId" instead of "pgt". Am I missing
something here, or is there a reason why the server doesn't follow the spec?


This e-mail message is privileged, confidential and subject to copyright. Any unauthorized use or disclosure is prohibited.
Le contenu du pr'esent courriel est privil'egi'e, confidentiel et soumis `a des droits d'auteur. Il est interdit de l'utiliser ou de le divulguer sans autorisation.


_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas


_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
  




_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to