Hi Richard,

Yes, the value of the Ticket Granting Cookie is the Ticket Granting
Ticket.  The Ticket Granting Cookie is a Cookie for conveying the
Ticket Granting Ticket.

Is the CAS server involved under your control such that you could add
to it support for another means of user authentication, namely an
ad hoc trust relationship between your application and CAS such that
your application can assert user identities to CAS?  That would avoid
the password replay approach.

I ran across this code recently, which appears to handily implement
this trusted-applications-can-assert-identities-to-CAS pattern.

https://github.com/epierce/cas-server-extension-token

If you're able to modify the CAS server, you might try implementing that.

Kind regards,

Andrew



On Mon, Oct 15, 2012 at 12:52 AM, Richard Yang <rya...@yahoo.com> wrote:
> I am still trying to find out a way to use our own login page.
> First of all, I see that using external login UI is on the CAS 3 to do list.
> But when is it going to be implemented?
> We use CAS not for single sign on. But other applications which we need to
> integrate with have adopted this CAS solution.
> After the user logs in to our application, I tried to invoke CAS login as
> acceptor. I post the username and password plus a randomly generated LT to
> the cas login url, hoping that the cas server will validate the user
> credential (again) without the cas login UI. According to
> http://www.jasig.org/cas/protocol, this should work. I use httpclient to do
> the post. However, the response I got from the post is always the CAS login
> form (which I desperately tried to avoid). It means that the login failed.
> But I don't see why it could fail. If I directly log in through the CAS login
> page with the same credential, it logged me in.
>
> httpclient code is attached.
>
> The second question is:
> Is the value of cookie CASTGC the same value as the Ticket granting
> ticket?
>
> Thanks.
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> ape...@unicon.net
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
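
A sketch of the trusted-application pattern suggested in the reply above, added here as an example and not taken from the thread or from cas-server-extension-token: the application signs a short-lived identity assertion with a key it shares with the CAS server, so no password is replayed. The token layout, `SHARED_KEYS`, `issue_assertion` and `verify_assertion` are hypothetical names chosen for illustration, and the key and usernames are constructed.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key; a real deployment provisions a random secret per trusted application.
SHARED_KEYS = {"portal-app": b"constructed-demo-key-not-for-production"}
MAX_AGE_SECONDS = 60  # assumption: short validity window to limit replay of a captured token


def _b64(data):
    return base64.urlsafe_b64encode(data).decode("ascii")


def issue_assertion(app_id, username, key, now=None):
    """Application side: sign (app, user, issued-at) with the shared key."""
    iat = int(time.time() if now is None else now)
    payload = json.dumps({"app": app_id, "user": username, "iat": iat},
                         separators=(",", ":"), sort_keys=True).encode("utf-8")
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)


def verify_assertion(token, keys=SHARED_KEYS, now=None, max_age=MAX_AGE_SECONDS):
    """Server side: return the asserted username, or None if the token is rejected."""
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
        claims = json.loads(payload)
        key = keys[claims["app"]]  # unknown application raises KeyError
        user, iat = claims["user"], int(claims["iat"])
    except (ValueError, KeyError, TypeError):
        return None  # malformed token or unregistered application
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    current = time.time() if now is None else now
    if not 0 <= current - iat <= max_age:  # reject expired and future-dated tokens
        return None
    # Within the window a token can still be replayed; a single-use nonce store closes that gap.
    return user if isinstance(user, str) and user else None
```

The assertion should only travel over TLS, and the server should accept it only on an endpoint dedicated to registered applications.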
