I think that in the login-webflow.xml this state
<decision-state id="ticketGrantingTicketExistsCheck">
<if test="${flowScope.ticketGrantingTicketId != null}"
then="hasServiceCheck" else="gatewayRequestCheck" />
</decision-state>
Should check against the ticketRegistry to see if the ticket that have
the ticketGrantingTicketId retrieved from the user cookie is not expired
or deleted. Because in my case I can force the logout of an user and
delete all his tickets from ticketRegistry but when he tried to login
again he had an ticketGrantingTicketId and a service and then CAS create
another ServiceTicket and the user result authenticated from CAS. I will
modify the login-webflow.xml to check this but I think that CAS should
do this change to the next release if all this is true.
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
