[cas-dev] Session confusion with CAS use
Scott Battaglia
scott.battaglia at gmail.com
Mon Jul 28 08:59:03 EDT 2008
Which version of CAS are you using?
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Mon, Jul 28, 2008 at 8:49 AM, David Whitehurst <dlwhitehurst at gmail.com>wrote:
> I can't seem to determine how session is handled using CAS. I'm using
> CAS on a state installation and I'm quite comfortable that the session
> is well protected. I've tested favorites, url in another browser,
> etc. but I don't see a cookie in c:\Documents and
> Settings\dlwhitehurst\Cookies\
>
> And, I'm not seeing any ids in the URL. And, I can't find hidden
> fields. Can someone help me here. I'm trying to clearly understand
> how this works and be sure that we're fully protected or at least
> understand our risks.
>
> Thanks,
>
> David
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20080728/23d56d59/attachment.html
More information about the cas-dev
mailing list