If you're contacting another service on behalf of the user, you should be passing that service a proxy ticket.
Service tickets are also one-time use only and their expiration policy should not be adjusted. Cheers, Scott On Tue, Aug 28, 2012 at 7:42 AM, dsilvia <[email protected]> wrote: > Hi Scott > > We modified the bean id serviceTicketExpirationPolicy class > MultiTimeUseOrTimeoutExpirationPolicy and set the first contructor value to > 2 from 1. > > Also, we are unsure if we should be using the Cas20ProxyTicketValidator in > our solution. We are authenticating from an application, OWF, which resides > on the same machine as CAS, but we are making a call to another machine, > the > widget machine, which presents the UI for the widget of OWF and that > machine > has a filter that checks to see if we are authenticated using CAS. Is this > correct, or should we be using Cas20ServiceTicketValidator? > > Thanks for your help. > > > > > > -- > View this message in context: > http://jasig.275507.n4.nabble.com/Why-is-Ticket-Being-Removed-From-Registry-tp4655932p4656013.html > Sent from the CAS Developers mailing list archive at Nabble.com. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
