Re: [cas-user] where is CAS TGC cookie stored in browser?

2018-12-04 Thread Paramvir Singh Karwal
Thanks Ray,
That clears my confusion.

On Tue, 4 Dec 2018 at 10:38 PM, Ray Bon  wrote:

> Paramvir,
>
> I assume that by session cookie you mean your client application's session
> cookie and not CAS's TGC.
> The client application is responsible for managing its own session. Once
> the user has been authenticated (service ticket validated), CAS is no
> longer required.
>
> Ray
>
> On Tue, 2018-12-04 at 03:22 -0800, Paramvir Singh Karwal wrote:
>
> Hi Andy,
>
> My question is regarding the validation of the session cookie. The first
> time, the service ticket is validated by calling CAS's endpoint, but in
> subsequent calls from the browser to the application only the session
> cookie is sent. How does the application validate the session cookie? Does
> the application server make a record of the session cookie which can be
> checked against the incoming calls containing the session cookie? As
> depicted in the diagram, there is no call to CAS from the application
> server to validate the cookie this time.
>
> On Saturday, October 22, 2016 at 3:17:39 AM UTC+5:30, Andrew Morgan wrote:
>
> On Fri, 21 Oct 2016, Yan Zhou wrote:
>
> > Hello,
> >
> > It was said that the TGT cookie (TGC) is hidden, so that we won't see it.
> >
> > I am curious how browser can send such hidden cookie to CAS, when user goes
> > to apps?  If browser can see it, there should be a way for us to see it.
> >
> > The reason I am asking is because I noticed that Ajax XhrRequest does not
> > seem to send TGC cookie in some circumstances, so I need to investigate.
>
> The TGC is set by the CAS server using the domain of the CAS server.  For
> example, my CAS server is at https://login.oregonstate.edu/cas/ and the
> TGC has a domain of "login.oregonstate.edu" and a path of "/cas".  The
> browser will only send the cookie to the CAS, not the CAS client.
>
> The TGC persists the SSO session.  It is not used by client applications.
> They receive a Service Ticket (ST) appended to the URL and validate the ST
> by calling CAS's /serviceValidate endpoint.
>
> A more complete description of this can be found at:
>
> https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol.html
>
> Thanks,
>  Andy
>
> --
> Ray Bon
> Programmer analyst
> Development Services, University Systems
> 2507218831 | CLE 019 | r...@uvic.ca
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/1543943315.2944.37.camel%40uvic.ca
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/1543943315.2944.37.camel%40uvic.ca?utm_medium=email_source=footer>
> .
>

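The flow discussed in this message, as an added example that is not code from the thread or from the CAS project: the client application validates the service ticket against `/serviceValidate` once, then recognises later requests from its own session table without contacting CAS. The server-side table, the `ClientApp` class, the 30-minute lifetime and the `fake_cas` stand-in with its constructed XML response are assumptions made for illustration.

```python
import secrets
import time
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

CAS_BASE = "https://login.oregonstate.edu/cas"   # CAS server named in the thread
CAS_NS = {"cas": "http://www.yale.edu/tp/cas"}   # namespace of CAS 2.0 responses
SESSION_TTL = 1800                               # seconds; assumed app policy

class ClientApp:
    """Hypothetical CAS client that keeps its own server-side session table."""

    def __init__(self, service_url, fetch):
        self.service_url = service_url
        self.fetch = fetch        # callable(url) -> response body of an HTTP GET
        self.sessions = {}        # session id -> (user, expiry timestamp)

    def login(self, ticket):
        """Validate the ST with CAS once, then issue the app's own session id."""
        query = urlencode({"service": self.service_url, "ticket": ticket})
        root = ET.fromstring(self.fetch(f"{CAS_BASE}/serviceValidate?{query}"))
        user = root.find("cas:authenticationSuccess/cas:user", CAS_NS)
        if user is None or not user.text:
            return None           # validation failed: no session is created
        sid = secrets.token_urlsafe(32)      # unguessable session cookie value
        self.sessions[sid] = (user.text.strip(), time.time() + SESSION_TTL)
        return sid

    def authenticate(self, sid, now=None):
        """Check a session cookie against the local table; CAS is not called."""
        user, expiry = self.sessions.get(sid, (None, 0.0))
        if user is None:
            return None           # unknown or forged session id
        if (time.time() if now is None else now) >= expiry:
            del self.sessions[sid]           # expired: force a new CAS login
            return None
        return user

# Constructed stand-in for the CAS server so the example runs offline.
cas_calls = []

def fake_cas(url):
    cas_calls.append(url)
    ok = url.endswith("ticket=ST-1-constructed")
    body = ("<cas:authenticationSuccess><cas:user>alice</cas:user>"
            "</cas:authenticationSuccess>") if ok else (
            '<cas:authenticationFailure code="INVALID_TICKET"/>')
    return ('<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
            f"{body}</cas:serviceResponse>")
```

In a real deployment `fetch` would be an HTTPS GET with certificate verification, and the session id would be delivered in a cookie scoped to the application's own host.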


Re: [cas-user] where is CAS TGC cookie stored in browser?

2018-12-04 Thread Paramvir Singh Karwal
Hi Andy, 

My question is regarding the validation of the session cookie. The first
time, the service ticket is validated by calling CAS's endpoint, but in
subsequent calls from the browser to the application only the session
cookie is sent. How does the application validate the session cookie? Does
the application server make a record of the session cookie which can be
checked against the incoming calls containing the session cookie? As
depicted in the diagram, there is no call to CAS from the application
server to validate the cookie this time.

On Saturday, October 22, 2016 at 3:17:39 AM UTC+5:30, Andrew Morgan wrote:
>
> On Fri, 21 Oct 2016, Yan Zhou wrote: 
>
> > Hello, 
> > 
> > It was said that the TGT cookie (TGC) is hidden, so that we won't see it.
> >
> > I am curious how browser can send such hidden cookie to CAS, when user goes
> > to apps?  If browser can see it, there should be a way for us to see it.
> >
> > The reason I am asking is because I noticed that Ajax XhrRequest does not
> > seem to send TGC cookie in some circumstances, so I need to investigate.
>
> The TGC is set by the CAS server using the domain of the CAS server.  For 
> example, my CAS server is at https://login.oregonstate.edu/cas/ and the 
> TGC has a domain of "login.oregonstate.edu" and a path of "/cas".  The 
> browser will only send the cookie to the CAS, not the CAS client. 
>
> The TGC persists the SSO session.  It is not used by client applications. 
> They receive a Service Ticket (ST) appended to the URL and validate the ST 
> by calling CAS's /serviceValidate endpoint. 
>
> A more complete description of this can be found at: 
>
> https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol.html
>
> Thanks, 
>  Andy 
>

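The cookie scoping described in the quoted reply, as an added example that is not part of the original thread: a small matcher following the RFC 6265 domain-match and path-match rules, applied to a TGC with domain `login.oregonstate.edu` and path `/cas`. The `host_only` field, the `browser_sends` helper and the `app.example.edu` client host are assumptions for illustration; IP-address hosts and the Secure attribute are not modelled.

```python
from urllib.parse import urlsplit

def domain_match(host, cookie_domain, host_only):
    """RFC 6265 5.1.3. host_only is True when Set-Cookie carried no Domain
    attribute, in which case only the exact host matches."""
    host = host.lower()
    cookie_domain = cookie_domain.lower().lstrip(".")
    if host == cookie_domain:
        return True
    return not host_only and host.endswith("." + cookie_domain)

def path_match(request_path, cookie_path):
    """RFC 6265 5.1.4: prefix match on whole path segments only."""
    request_path = request_path or "/"
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    # "/cas" must match "/cas/login" but not "/casino"
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"

def browser_sends(cookie, url):
    """True if a browser would attach `cookie` to a request for `url`."""
    parts = urlsplit(url)
    return (domain_match(parts.hostname or "", cookie["domain"], cookie["host_only"])
            and path_match(parts.path, cookie["path"]))

# The TGC as described in the thread; host_only=True is an assumption.
TGC = {"name": "TGC", "domain": "login.oregonstate.edu",
       "path": "/cas", "host_only": True}

if __name__ == "__main__":
    for url in ("https://login.oregonstate.edu/cas/login",
                "https://login.oregonstate.edu/casino",
                "https://app.example.edu/cas/login"):   # hypothetical CAS client
        print(url, browser_sends(TGC, url))
```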