Failure to create pgtIOU/PGT should not result in successful validation

Description

If either of the pgtIOU or PGT fail to be created, CAS validation response should not proceed as if validation was successful. Current case is that pgtIOU may be absent in the validation payload, as the proxy callback may timeout due to load, etc.

Relevant lines:
https://github.com/Jasig/cas/blob/master/cas-server-webapp-support/src/main/java/org/jasig/cas/web/ServiceValidateController.java#L138
https://github.com/Jasig/cas/blob/master/cas-server-webapp-support/src/main/java/org/jasig/cas/web/ServiceValidateController.java#L167

Proposals to fix the issue must also update the protocol to indicate the expected behavior on failure.

See discussion here: https://groups.google.com/forum/#!topic/jasig-cas-dev/gv2gwoG9ELo

Environment

None

Status

Assignee

Misagh Moayyed

Reporter

Misagh Moayyed

Labels

None

Estimated End Date

None

Audience

None

Components

Fix versions

Affects versions

3.5.2
4.0 RC1
4.0 RC2
4.0 RC3

Priority

Major