Hi folks, I'm just getting started with the CAS proxy approach and was wondering if folks had preferences about whether to set the pgtIou/pgtId pair as application variables that the proxying app can access directly (I'm currently using my calling app as the proxyCallbackURL as well), or whether the proxyCallbackUrl should store these in a db for lookup by the proxying app. Is the former dangerous (it seems like an SSL proxying app shouldn't need this step if it can get the pair itself via the indirect method?) or is there something else I should consider?
Thanks! Tomo _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
