[casshib] Fwd: Difference of authentication process between normal CAS and CASSHIB
33 views
Skip to first unread message
Trần Thị Thùy Trang
Apr 22, 2010, 10:02:40 AM4/22/10
to cas...@googlegroups.com
---------- Forwarded message ----------
From: Brian Koehmstedt <bko...@gmail.com>
Date: 2010/4/19
Subject: Re: Difference of authentication process between normal CAS and CASSHIB
To: Trần Thị Thùy Trang <thuyt...@gmail.com>
I don't think CAS needs JSESSIONID, but JSESSIONID might be needed on
the Shibboleth side of things. My Shib IDP issues three cookies in
the course of authentication: JSESSIONID, _idp_session, and
_idp_authn_lc_key.
From: Brian Koehmstedt <bko...@gmail.com>
Date: 2010/4/19
Subject: Re: Difference of authentication process between normal CAS and CASSHIB
To: Trần Thị Thùy Trang <thuyt...@gmail.com>
I don't think CAS needs JSESSIONID, but JSESSIONID might be needed on
the Shibboleth side of things. My Shib IDP issues three cookies in
the course of authentication: JSESSIONID, _idp_session, and
_idp_authn_lc_key.
> ---------- Forwarded message ----------
> From: Trần Thị Thùy Trang <thuyt...@gmail.com>
> Date: 2010/4/16
> Subject: Difference of authentication process between normal CAS and CASSHIB
> To: cas...@googlegroups.com
>
>
> Hi,
>
> I'm running normal cas and casshib and recognize that
> On CAS, Single Sign On session can still be carried on if the client only
> has the ticket cookie left (cookie CASTGC).
> But with CASSHIB, single sign on session can NOT be carried on if the client
> has only CASTGC ticket cookie left.
> The client needs to have both JSESSIONID and CASTGC cookie to make single
> sign on work.
>
> Can anyone please help me why do we need JSESSION here in CASSHIB?
> Thanks in advance.
> Regards,
> Trang
>
>
> From: Trần Thị Thùy Trang <thuyt...@gmail.com>
> Date: 2010/4/16
> Subject: Difference of authentication process between normal CAS and CASSHIB
> To: cas...@googlegroups.com
>
>
> Hi,
>
> I'm running normal cas and casshib and recognize that
> On CAS, Single Sign On session can still be carried on if the client only
> has the ticket cookie left (cookie CASTGC).
> But with CASSHIB, single sign on session can NOT be carried on if the client
> has only CASTGC ticket cookie left.
> The client needs to have both JSESSIONID and CASTGC cookie to make single
> sign on work.
>
> Can anyone please help me why do we need JSESSION here in CASSHIB?
> Thanks in advance.
> Regards,
> Trang
>
>
--
You received this message because you are subscribed to the Google Groups "casshib" group.
To post to this group, send email to cas...@googlegroups.com.
To unsubscribe from this group, send email to casshib+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/casshib?hl=en.
Reply all
Reply to author
Forward
0 new messages