Only the CAS server can set the CASTGC cookie and it can only do that when being directly interacted with via the web browser. If you need the cookie set in the web browser, there must be some interaction with the CAS server.
On Tue, Aug 5, 2014 at 9:23 PM, Puneet Goyal <pgo...@qasource.com> wrote: > Hi , > > > > I have a scenario where I am authenticating a user by using CAS’s REST api > and writing the returned cookie to response > > The thought was when a secured page is encountered and user goes to CAS’s > login page, he will get logged in using the CASTGC cookie. > > But this doesn’t work correctly as CASTGC cookie is not read by the page. > > > > *The question here is:* > > *1. **Is this the correct way of doing programmatic log in.? ( As > in this scenario I can’t show cas’s login page, user logs In using a > separate form)* > > *2. **I see a CASPRIVACY cookie also coming up now, what is the use > of this cookie and do I need to write this as well to response?* > > > > > > Regards > > Puneet Goyal > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
