-----Original Message----- From: Marvin Addison [mailto:marvin.addi...@gmail.com] Sent: Tuesday, May 25, 2010 11:03 AM To: cas-user@lists.jasig.org Subject: Re: [cas-user] cas tickets x.509
> When CAS grant a ticket after a successful login, is the ticket signed with > a server x.509 cert? There is no cryptographic signatures of any kind on the tickets. Although CAS and Kerberos are conceptually similar, ticket signing is a notable difference. CAS tickets are effectively shared secrets between the server and client; all validation happens on the server where the ticket is valid if the server has a record of it being granted to the client that presents it. M Hum.. then I guess I'm confusing CAS tickets with SAML tokens. Thanx! Rob -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user