...
Access to your application begins when the user calls for a CAS login including the application URL or service needed. This looks very much like this.
| Code Block |
|---|
http(s)://cas_server/cas/login?service=http(s)://other_server/application1 |
When the CAS server receives the request, CAS programmatically forms a new URL request (redirection) and calls application1 and adds a unique one-time-only random ticket (String) as a request parameter. Remember that the user does not see any of this. Also, please note that HTTPS is marked with parentheses. It is critical that you understand how HTTPS can be used. CAS will make no assumptions outside of its authentication security mechanism. HTTPS recommendations and practices will be discussed in separation documentation.
| Code Block |
|---|
http://other_server/application1?ticket=ST-8670-123buTvFFjo980 |
...