Generic login (with no service) causes the webflow to erroneously report successul login even when no server side TGT is present

Description

When login with no service the generic success page is displayed. Next time when /login with no service is entered, the flow just checks if tgtId represented by the CASTGC cookie is present in the flow scope (set by 'initialFlowSetupAction') and reports the successful login, completely disregarding the value of the server side TGT (the TGT could expire or not be present altogether, for example by restarting the container). This creates a great confusion.

Perhaps, there is a need to accurately report the generic login success, by introducing an additional flow state to compare the CASTGC value to the server side TGT, it's expiration state, etc.

Environment

None

Status

Assignee

Dmitriy Kopylenko

Reporter

Dmitriy Kopylenko

Labels

None

Estimated End Date

None

Audience

None

Components

Fix versions

Affects versions

3.5.1

Priority

Minor