This isn't especially clear in the protocol spec, so I'm hoping someone here can answer this question:
Should query parameters in the URI be ignored when checking the 'service' parameter for validity? In other words, if I have a service ticket for service http://www.example.com, should that service ticket also be valid for http://www.example.com?foo=bar In some of our applications, http://www.example.com and http://www.example.com?foo=bar point to exactly the same service, but due to the way the client is redirecting things, sometimes users get sent to http://www.example.com and sometimes to http://www.example.com?foo=bar.... I'm wondering whether this is a problem that should be corrected in our CAS client, or whether it's okay to allow our CAS server to ignore the query part of the URI. This e-mail message is privileged, confidential and subject to copyright. Any unauthorized use or disclosure is prohibited. Le contenu du pr'esent courriel est privil'egi'e, confidentiel et soumis `a des droits d'auteur. Il est interdit de l'utiliser ou de le divulguer sans autorisation. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
