Overview

Authentication Process

verifies that the user’s service ticket has not expired. If the user does not have a valid service ticket, then the server will return an appropriate error code to the client.

Step 7. (Optional) At the client’s request, the application server can also return the timestamp sent by the client, encrypted in the session key. This ensures a mutual authentication between the client and the server.

Chapter 1

27