Thanks for your reply, Scott. If I've gotten this correct. (with renew = false)
1. Client successfully logs into Service A. 2. Ticket Granting Ticket is created, added to Ticket Registry. 3. Client moved to Service B. 4. Service B redirects to CAS, sending Ticket Granting Cookie. 5. CAS checks Ticket Registry for Ticket Granting Ticket. 6. If Ticket is found and has not expired. creates a new Service Ticket for Service B. 7. CAS redirects client to Service B without asking for credentials. If this is correct can Service B determine the user name without asking the client for it? _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
