You're sending a new PT each time so its naturally going to validate each new one it receives.
PGTs have nothing to do with this. They stay with the main application and should not be passed to anyone else. Cheers, Scott On Fri, Oct 9, 2009 at 6:43 PM, ttan <[email protected]> wrote: > Hi, > > I have a set up where each GUI(php) call is actually a web service call to > a server (Spring 2.0.1 CAS client) component. The PhP gui itself is > authentication using PhPCAS. After authenthentication, each web service is > a proxied call with _*cas_*stateless_ as user, and the PGT as password. > > I see in CAS log: > > First web service call to the same web-service > > 10.90.145.5 - - [09/Oct/2009:22:26:10 +0000] "GET > /cas/proxy?targetService=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2Fj_spring_cas_security_check&pgt= > TGT-3-v4BcdVSPnbXVfxGLebFNeaB3sulG1dOCHRxu4fN0msEG9WoOVI-ttan-osx-lt.rwc.silverspringnet.comHTTP/1.1" > 200 224 > 10.90.145.5 - - [09/Oct/2009:22:26:10 +0000] "GET > /cas/proxyValidate?pgtUrl=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2FcasVerify.jsp&ticket=ST-12-OMlY90zXETbQ9gidOj0E-midtierhost&service=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2Fj_spring_cas_security_check > HTTP/1.1" 200 411 > > > Subsequent web service call to the same web-service > > 10.90.145.5 - - [09/Oct/2009:22:26:49 +0000] "GET > /cas/proxy?targetService=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2Fj_spring_cas_security_check&pgt=TGT-3-v4BcdVSPnbXVfxGLebFNeaB3sulG1dOCHRxu4fN0msEG9WoOVI-midtierhost > HTTP/1.1" 200 224 > 10.90.145.5 - - [09/Oct/2009:22:26:49 +0000] "GET > /cas/proxyValidate?pgtUrl=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2FcasVerify.jsp&ticket=ST-13-ydObKnkhK5UZ1ivPluTj- > midtierhost&service=https%3A%2F%2Fmidtierhost%3A11951%2Fssn_ws%2Fj_spring_cas_security_check > HTTP/1.1" 200 412 > > I expect NOT to see the subsequent calls to CAS. Is my supposition correct? > > > I recalled reading somewhere that either the Java CAS client(3.1.3) or > Spring may cache the PGT? > > Thanks. > > Theen-Theen > > -- > You are currently subscribed to [email protected] as: > [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
