[cas-dev] Rationale for preventing access to services associated with a TGT
Scott Battaglia
scott.battaglia at gmail.com
Tue Oct 21 15:37:12 EDT 2008
The reason is that CAS doesn't keep track of Services (I slightly lie there
because obviously we keep track of them for single log out purposes, but
that's it). Its only concerned about the creation, validation, and
destruction of tickets. Once a ticket is "used" we don't care about it
anymore, thus you can never obtain a list of STs from a TGT.
-Scot
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Tue, Oct 21, 2008 at 3:18 PM, Andrew Ralph Feller, afelle1 <
afelle1 at lsu.edu> wrote:
> Is there any particular reason why the services associated with a TGT are
> not exposed directly from the TGT interface? I'm sure the need never came
> up as it is possible to iterate over the ticket registry and determine which
> tickets are service tickets and what TGT they are associated with.
>
> Thanks,
> Andrew
> --
> Andrew R. Feller, Analyst
> Information Technology Services
> 200 Fred Frey Building
> Louisiana State University
> Baton Rouge, LA 70803
> (225) 578-3737 (Office)
> (225) 578-6400 (Fax)
>
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20081021/3670e63b/attachment.html
More information about the cas-dev
mailing list