Hi Ray, No. In renew mode, CAS if user already has a valid session, ask login/passwd, validate it and then genarate a new Service Ticket linked to the current tgt (user current Cas Session). So authentication metadata are not updated.
In this case, client when validate Service Ticket, see authentication metadata from initial authentication not the renew ones. Regards Le ven. 29 mai 2020 à 17:55, Ray Bon <r...@uvic.ca> a écrit : > Raph, > > Are you talking about ticket expiration? > https://apereo.github.io/cas/6.1.x/ticketing/Configuring-Ticket-Expiration-Policy.html > > Ray > > On Fri, 2020-05-29 at 07:43 -0700, Raph C wrote: > > Hi all, > > I'm using CAS 5.3 version and have multiple authentication handler which > supports different kind of credential. So let's imagine the following flow : > > A/ user authenticates with a custom credential (e.g header and not a > login/password). all is ok, an authentication attribute (let's call it > *amr*) is set to tgt to state which authn method was used ... then a CAS > session is started > B/ A few moment later (before CAS session expires), user agent is > redirected to login page with renew param. > C/ user has to enter its login/password. After validating it by another > authentication handler, CAS generates a new Service Ticket but left tgt as > is without updating *amr* attribute with new value. Finally CAS client > will see an outdated information. > > How can I force CAS to update my TGT authentication attribute before > generating service ticket ? > > Thanks for your help > > -- > > Ray Bon > Programmer Analyst > Development Services, University Systems > 2507218831 | CLE 019 | r...@uvic.ca > > I respectfully acknowledge that my place of work is located within the > ancestral, traditional and unceded territory of the Songhees, Esquimalt and > WSÁNEĆ Nations. > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6cb93970ae8c45f5ac4912c86c8d9ca1b36f1ba.camel%40uvic.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d6cb93970ae8c45f5ac4912c86c8d9ca1b36f1ba.camel%40uvic.ca?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAJtMnTGYWTq84%3DKW%3DoudN9jAj%3DypF-zA2f%3DfBFXjHiJNkxLaWQ%40mail.gmail.com.
