I’ll update the spec to clarify this. Robert
Am 21.02.2014 um 14:26 schrieb Jérôme LELEU <[email protected]>: > Hi, > > You should take a look at the documentation: > https://wiki.jasig.org/display/CASUM/Remember+Me. > > In case of remember-me configuration, the CASTGC cookie does not end with the > web session, but has a longer lifetime. It is still valid even after the user > has closed his browser. > It requires that the tickets registry is able to store the TGT for a long > time. > > Best regards, > Jérôme > > > > 2014-02-21 9:13 GMT+01:00 Filippos <[email protected]>: > Hi! I am building a Rails Engine based on the CAS 3.0 protocol specifications > you have here: > https://github.com/Jasig/cas/tree/master/cas-server-protocol/3.0 > > However I am puzzled with the Remember-Me functionality. I think the protocol > does not explain it very well. > > At some point (about TGT Cookies) the protocol says: > Ticket-granting cookies MUST be set to expire at the end of the client’s > browser session. > > However at Long-Term Ticket Granting it says: > CAS Server MAY support Long-Term Ticket Granting Tickets (referred to as > “Remember Me” functionality). If this feature is supported by the CAS Server, > it is possible to perform recurring, non interactive re-logins to the CAS > Server as long as the Long-Term Ticket Granting Ticket in the CAS Server is > not expired and the browsers TGC Cookie is valid. > > So my question is: How TGC Cookie can be valid when a user closes his/her > browser ? The whole idea of Long-Term Ticket Granting is to enable this but > by requiring the TGC cookie to be valid it is impossible. Have I understood > something incorrectly in CAS 3.0 ? > > Thanks! > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
