CAS tickets produced by EncodingTicketService violate CAS v2 protocol spec
Fixed
Description fields
Basics
Logistics
Basics
Logistics
Description
Per section 3.7 of the CAS v2 protocol specification [1], CAS tickets are restricted to the following character set: [A-Za-z0-9-]. By default, the EncodingTicketService uses a data sealer configured for base-64 encoding, which violates the specification.
Per section 3.7 of the CAS v2 protocol specification [1], CAS tickets are restricted to the following character set:
[A-Za-z0-9-]. By default, theEncodingTicketServiceuses a data sealer configured for base-64 encoding, which violates the specification.[1] https://apereo.github.io/cas/5.2.x/protocol/CAS-Protocol-V2-Specification.html#37-ticket-and-ticket-granting-cookie-character-set