/login as credential requestor missing login token value

[IainWorkman]

I was fixing some old code today, which interfaces with CAS, and had an issue implementing it as per the 3.0 specification documents. I was attempting to obtain the login token value from the `/login` url when acting as credential requestor, so that I could then include this value in the POST to the same url acting as credential acceptor. However, the login token doesn't seem to be present.

I looked at the example version of CAS hosted at https://casserver.herokuapp.com/cas/login, to see if that contained the login token, and couldn't find it there either. 

This doesn't seem to be what is in the protocol specifications, section 2.1.3 - which states that "This page MUST include a form with the parameters, “username”, “password”, and “lt”." 

("lt" being the login token).

Has the name of the parameter changed, am I missing it somehow - or has the protocol changed, and the documentation not been updated?

Thanks,

Iain

[Andy Ng]

Hi Lain,

I have track don't the commit that removed the lt ticket:

https://github.com/apereo/cas/commit/ca17b2f39601c503e1a6925951b39bbdffa4c63f

it is remove at 4.2.4 -> 4.2.5.

Not sure the reason tho, it did seems weird that the documentation and the source code have differs, you might need to ask Misagh himself.

Cheers!

- Andy