Mock CAS

Session id: 8475FDA50534CCB6EABCB912017A1A01
Associated username:

Mock CAS does not validate users but will behave in a similar way to a CAS server. It will return valid CAS responses although actual authentication has not been achieved. It does not implement any of the behaviour associated with single use tickets.
The CAS tickets are not true CAS tickets and are instead the Session Id with a CAS ticket prefix. Initially a random username is returned, this username will be associated with the session id of the request. If future request parameters for proxy access match that session id then a matching username will be returned.

login

login?service=

This servlet redirects to the service supplied with a new CAS style ticket attached.
parameters:
service
required - required and used by cas-mock

verify the ticket and be done

serviceValidate?ticket=ST-8475FDA50534CCB6EABCB912017A1A01&service=

Used in the same user session that invoked the login servlet (may not be apparent to the user).
parameters:
ticket
required - ignored by cas-mock
service
required - ignored by cas-mock
pgtUrl
optional - used by cas-mock

verify the ticket and enable further proxying

serviceValidate?ticket=ST-8475FDA50534CCB6EABCB912017A1A01&service=&pgtUrl=pgtCallback

The presence of the pgtUrl makes the CAS server call that URL with the request parameters; pgtId and pgtIou. e.g. https://localhost:8443/cas-mock/pgtCallback?pgtIou=PGTIOU-8475FDA50534CCB6EABCB912017A1A01&pgtId=TGT-8475FDA50534CCB6EABCB912017A1A01
parameters:
ticket
required - ignored by cas-mock
service
required - ignored by cas-mock
pgtUrl
optional - used by cas-mock

get a proxy ticket

proxy?targetService=&pgt=TGT-8475FDA50534CCB6EABCB912017A1A01

The "proxy" url is called by the service rather than within the user's SSO session. This servlet has been modified to extract the Session Id from the "pgt" request parameter.
parameters:
pgt
required - *new behaviour* - now used by cas-mock
targetService
required - ignored by cas-mock

verify the proxy ticket

proxyValidate?service=&ticket=PT-8475FDA50534CCB6EABCB912017A1A01

The "proxyValidate" url is called by the service rather than within the user's SSO session. This servlet has been modified to extract the Session Id from the "ticket" request parameter. This value is then used to lookup the username previously associated with that session id.
parameters:
ticket
required - *new behaviour* - now used by cas-mock
service
required - ignored by cas-mock
pgtUrl
optional - used by cas-mock

logout

logout