Thanks Carlos & Marvin, That makes more sense. But I'm still not fully understanding the flow:
1. User goes to CAS login page. 2. User logs in. 3. CAS authenticates user and generates a CASTGC cookie and hands it back to browser. 4. Browser does a check to see if it has a CASTGC cookie, and if not, redirects back to the login page (?) Thanks for any clarification here! Zac -----Original Message----- From: Marvin Addison [mailto:marvin.addi...@gmail.com] Sent: Monday, May 19, 2014 3:35 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] CASTGC Cookie? > 1. What is the CASTGC cookie? What role does it play when logging in? > 2. When is the CASTGC cookie generated? > 3. What happens if the CASTGC cookie isn't present when the user signs in? I believe the following section of the CAS protocol document answers all the above: http://www.jasig.org/cas/protocol#ticket-granting-cookie M -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user