ServerName Property
Dom
formpost at hotmail.com
Tue Sep 4 19:59:12 EDT 2007
However, in your example both Bob and Eve applications are backed by the same
ticket registry. Without the same registry a ticket issued from Evil.eve.com
wouldn't be found at all in Bobs.files.com ticket registry and therefore fail.
If all services backed by the same registry are "friends" is this still an
security issue.
I would like to add my appreciation for the time you have spend on this.
Thanks again.
Regards,
Dom
More information about the cas
mailing list