Dear CAS mailing list,
I hope you all had a nice Easter holiday. I will appreciate it if someone answers my question(s) explained below. I have the following environment: 1) Web browser on computer 1. (Microsoft Internet Explorer or FireFox) 2) Some CASed web application (let us call http://Computer2/WebApp/default.aspx ) on computer 2. (Microsoft IIS and ASP.NET web application) 3) CAS server on computer 3. ( let us assume https://Computer3/cas ) I will summarize the interactions between the three computers until I reach my question(s): 1) User starts the web browser on computer 1 for the first time and browses to http://Computer2/WebApp/Default.aspx 2) WebApp's CAS filter recognizes that this user has no valid CAS credentials and hence redirects the request to http://Computer2/cas/login. and appends the service=http://Computer2/WebApp/Default.aspx URL parameter to the request. 3) CAS server recognizes that this request is new and hence creates a new jsessionid and associates it with our user/browser. 4) CAS server shows the login screen to the user. 5) User enters a valid user name and password and clicks OK. 6) CAS server verifies the user name and password and creates the CASTGC cookie that contains the TGT ticket. 7) The JSESSIONID and CASTGC cookies are sent to the browser and the browser immediately calls WebApp with the ST ticket http://Computer2/WebApp/default.aspx?ticket=ST-xyz 8) WebApp's filter detects the ST ticket in the URL. At this point (when the filter receives the ST) I want to issue a proxyValidate (from inside the filter) call as follows: https://Computer3/cas/proxyValidate?service=http://Computer2/WebApp/Default.aspx&ticket=ST-xyz&pgtUrl=https://Computer2/WebApp/pgtCallback.aspx <https://computer3/cas/proxyValidate?service=http://Computer2/WebApp/Default.aspx&ticket=ST-xyz&pgtUrl=https://Computer2/WebApp/pgtCallback.aspx> Finally we come to my question, when the filter issues the proxyValidate URL above what sequence of events happen on the three computers? I know from the documentation that CAS returns an http response that contains xml with user name and PGTIOU, but the pgtUrl is also called with pgtIou and pgtId parameters? What is done first? Can someone please tell me the exact sequence of events that take place after the proxyValidate URL above reaches computer 3? Thank you for your help, I appreciate it. Mit freundlichen Grüßen / Kind regards Faris Ahmed | Development Project Manager | Infor | Tel: +49 (0) 6151 866 7814 | Fax: +49 (0) 6151 866 7088 | mailto:[EMAIL PROTECTED] Postanschrift: Infor Global Solutions Darmstadt GmbH | Landwehrstr. 50, 64293 Darmstadt | Sitz der Gesellschaft ist Darmstadt | Handelsregister: Amtsgericht Darmstadt, HRB 5556 | Geschäftsführer: Jochen Kasper,Uwe Richter
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
