Yeah, I just read that. So for single sign on, we need to generate a new service ticket using the TGT? For example, I have a site at www.sitea.com<http://www.sitea.com>. I login to this site, so I have a TGT ticket and a service ticket. I go to site that is at yyy.sitea.com. They can validate the service ticket. If the user comes back to www.sitea.com<http://www.sitea.com>, then they need to generate a new service ticket?
Right now, we are storing the service ticket and the TGT ticket in a cookie. How would we do SSO using an external site, say a site at www.siteb.com<http://www.siteb.com>? Thanks again for all the help. It is greatly appreciated!! ________________________________ From: [EMAIL PROTECTED] [EMAIL PROTECTED] On Behalf Of Adam Rybicki [EMAIL PROTECTED] Sent: Wednesday, August 20, 2008 7:01 PM To: Yale CAS mailing list Subject: Re: validating service ticket You can't. Service tickets are single-use only. Jason Roscoe wrote: I have successfully generated a service ticket using CAS 3.3 and the RESTful API. Now, when I try to validate that ticket, calling http://localhost:9009/cas/serviceValidate?service=http://localhost:8082/xxx/login.jsf&ticket=ST-1-CfHBK93WV7kbR4U6PFfI-cas, the first time it returns my user. If I try to validate the ticket a second time, it says: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'> <cas:authenticationFailure code='INVALID_TICKET'> ticket 'ST-1-CfHBK93WV7kbR4U6PFfI-cas' not recognized </cas:authenticationFailure> </cas:serviceResponse> How do I validate a ticket more than once? Thanks. ________________________________ Disclaimer: This e-mail message is intended only for the personal use of the recipient(s) named above. If you are not an intended recipient, you may not review, copy or distribute this message. If you have received this communication in error, please notify us immediately by e-mail and delete the original message. This e-mail expresses views only of the sender, which are not to be attributed to Rite Aid Corporation and may not be copied or distributed without this statement. ________________________________ _______________________________________________ Yale CAS mailing list [email protected]<mailto:[email protected]> http://tp.its.yale.edu/mailman/listinfo/cas ________________________________ Disclaimer: This e-mail message is intended only for the personal use of the recipient(s) named above. If you are not an intended recipient, you may not review, copy or distribute this message. If you have received this communication in error, please notify us immediately by e-mail and delete the original message. This e-mail expresses views only of the sender, which are not to be attributed to Rite Aid Corporation and may not be copied or distributed without this statement.
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
