Thanks Carlos, starting to see the whole picture now. So it sounds like something is going awry for me in step #3 just after CAS authenticates the user. Perhaps under some conditions the CASTGC isn't being generated and handed to the browser; or perhaps under some circumstances the ticket registry isn't receiving the TGT.
Last week you mentioned something about a scenario where CAS is installed as root? How would you go about debugging this? Thanks again! -----Original Message----- From: Carlos Fernandez [mailto:cfern...@sju.edu] Sent: Monday, May 19, 2014 4:17 PM To: cas-user@lists.jasig.org Subject: RE: [cas-user] CASTGC Cookie? The flow is: 1. User goes to CAS login page. 2. User logs in. 3. CAS authenticates user and generates a CASTGC cookie and hands it back to browser. a. If the user presented a service URL upon arriving at the login page, CAS will also generate a service ticket and redirect the browser to that service URL with the ST. b. If not, CAS will display the "Login successful" page instead of redirecting. The browser does not check the cookie's content, but only stores it until it expires or CAS says to delete it. Best regards, -- Carlos. -----Original Message----- From: Zac Harvey [mailto:zhar...@commercehub.com] Sent: Monday, 19 May, 2014 15:41 To: cas-user@lists.jasig.org Subject: RE: [cas-user] CASTGC Cookie? Thanks Carlos & Marvin, That makes more sense. But I'm still not fully understanding the flow: 1. User goes to CAS login page. 2. User logs in. 3. CAS authenticates user and generates a CASTGC cookie and hands it back to browser. 4. Browser does a check to see if it has a CASTGC cookie, and if not, redirects back to the login page (?) Thanks for any clarification here! Zac -----Original Message----- From: Marvin Addison [mailto:marvin.addi...@gmail.com] Sent: Monday, May 19, 2014 3:35 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] CASTGC Cookie? > 1. What is the CASTGC cookie? What role does it play when logging in? > 2. When is the CASTGC cookie generated? > 3. What happens if the CASTGC cookie isn't present when the user signs in? I believe the following section of the CAS protocol document answers all the above: http://www.jasig.org/cas/protocol#ticket-granting-cookie M -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: cfern...@sju.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: zhar...@commercehub.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user