I don't see much explanation in the logs that would explain why the service ticket isn't found in the registry at validation time -- it's clearly created beforehand:
2011-11-14 09:23:24,699 DEBUG [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - <Added ticket [ST-2-ylhhsn0wTAgC3gdE6j2y-cas] to registry.> 2011-11-14 09:23:24,699 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] - <Granted service ticket [ST-2-ylhhsn0wTAgC3gdE6j2y-cas] for service [http://cre-itdev:8080/cre_webapp_control/] for user [stgtest1]> There's one thing that jumps out at me in the last audit record: WHO: audit:unknown I would expect that to be the service for which you're validating a ticket. I'm wondering if you're attempting to validate a ticket with either a null service or one which does not match the generating service exactly. How are you invoking the RESTful API? M -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user