...
Once the user has been authenticated, the CAS server fulfills the application server's HTTPS CAS client request by the application server and returns an XML message of "success" and along with the authenticated username included. The original request exits the CAS filter can and now allow allows application1 to serve content to this newly authenticated user.
...