I'm using CAS 3.4.8. Logging in from the browser works well via http or https. I have had that working for a while now. I now need to secure some web services our app is providing and have enabled the restful API. I can successfully authenticate and receive a ticket granting ticket and a service ticket. When I go to access the service by appending ?ticket=<my ticket value> to the url it only will work in the non SSL environment. When running against the SSL prod environment I receive a
ticket 'ST-6-WfLwVOA4EJRi7Qnb0m7H-cas' not recognized and the CAS logs show that the ticket was not found in the ticket registry and therefore the ticket passed in wasn't valid. The ticketExpiration policy is acceptable since it works without SSL so I know the ticket isn't timing out. I'm guessing there is some kind of an issue when dealing with the SSL protocol. Perhaps a redirect or something is happening. Has anyone experienced similar issues with the rest API? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
