Cas20ProxyTicketValidator ticketValidator = new Cas20ProxyTicketValidator(casServerUrl);
ticketValidator.setRenew(this.renewTicket);
String serviceUrl = "http://"+ httpRequest.getServerName() +":" + httpRequest.getServerPort() +
httpRequest.getContextPath() +"/private/classic";
Assertion assertion = ticketValidator.validate(ticket, serviceUrl);
log.debug("------------------------------------------------------------------------------------");
log.debug("Service: "+serviceUrl);
log.debug("Principal: "+assertion.getPrincipal().getName());
log.debug("------------------------------------------------------------------------------------");
//Use empty password....it shouldn't be needed...this is a SSO login. The password has
//already been presented with the SSO server. It should not be passed around for
//better security
Credentials credentials = new Credentials(assertion.getPrincipal().getName(), "");
httpRequest.getSession().setAttribute(GenericSSOAgent.CREDENTIALS, credentials);
}