RE: [cas-user] CASTGC Cookie?

Mon, 19 May 2014 13:18:12 -0700 

The flow is:

1.  User goes to CAS login page.
2.  User logs in.
3.  CAS authenticates user and generates a CASTGC cookie and hands it back 
to browser.
    a. If the user presented a service URL upon arriving at the login page, 
CAS will also generate a service ticket and redirect the browser to that 
service URL with the ST.
    b. If not, CAS will display the "Login successful" page instead of 
redirecting.

The browser does not check the cookie's content, but only stores it until it 
expires or CAS says to delete it.

Best regards,
--
Carlos.


-----Original Message-----
From: Zac Harvey [mailto:zhar...@commercehub.com]
Sent: Monday, 19 May, 2014 15:41
To: cas-user@lists.jasig.org
Subject: RE: [cas-user] CASTGC Cookie?

Thanks Carlos & Marvin,

That makes more sense. But I'm still not fully understanding the flow:

1.  User goes to CAS login page.
2.  User logs in.
3.  CAS authenticates user and generates a CASTGC cookie and hands it back 
to browser.
4.  Browser does a check to see if it has a CASTGC cookie, and if not, 
redirects back to the login page (?)

Thanks for any clarification here!

Zac

-----Original Message-----
From: Marvin Addison [mailto:marvin.addi...@gmail.com]
Sent: Monday, May 19, 2014 3:35 PM
To: cas-user@lists.jasig.org
Subject: Re: [cas-user] CASTGC Cookie?

> 1. What is the CASTGC cookie? What role does it play when logging in?
> 2. When is the CASTGC cookie generated?
> 3. What happens if the CASTGC cookie isn't present when the user signs in?

I believe the following section of the CAS protocol document answers all the 
above:

http://www.jasig.org/cas/protocol#ticket-granting-cookie

M

--
You are currently subscribed to cas-user@lists.jasig.org as: 
zhar...@commercehub.com To unsubscribe, change settings or access archives, 
see http://www.ja-sig.org/wiki/display/JSG/cas-user

--
You are currently subscribed to cas-user@lists.jasig.org as: 
cfern...@sju.edu To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to cas-user@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to