Fix the authentication delegation to a CAS server #4548

Closed


leleuj commented Dec 16, 2019

The authentication delegation to a CAS server has a big issue. It seems to work, but it doesn't. You generally see that under a certain workload, but it can be reproduced fairly easily.
The TST is saved into the customParams of the configuration of the CasClient, which is a problem because it's a singleton, so the TST used at the time of the ticket validation (CasAuthenticator) can be the one of another authentication delegation.
This PR fixes the issue by using the session instead.

It can be tested easily with this project: https://github.com/casinthecloud/cas-pac4j-oauth-demo (master branch). It's the version 6.2.0-RC1, but all CAS versions have the same code and issue.

  • Call the login page (http://localhost:8080/cas/login) and start the authentication delegation to a CAS server by clicking on the "CAS" button.
  • Do the same in another browser and finish the login process: it works.
  • Return to the first browser and finish the login process: it doesn't work.
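
The failure mode described in the comment above, reduced to a stand-alone sketch. This is an added example, not code from the PR, CAS or pac4j: every class and method name is hypothetical and the ticket values are constructed. It replays the three reproduction steps against a shared singleton and against per-browser session storage.

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical stand-ins; none of these classes are CAS or pac4j code.
public class TstDelegationDemo {

    // One instance shared by every request, like the singleton client configuration.
    static class SharedClientConfig {
        final Map<String, String> customParams = new HashMap<>();
    }

    // One instance per browser, like a servlet session.
    static class BrowserSession {
        final Map<String, Object> attributes = new HashMap<>();
    }

    static final SharedClientConfig CONFIG = new SharedClientConfig();

    // Before: the TST is written to the singleton when delegation starts.
    // A thread-safe map would not help; the value is simply shared by all users.
    static void startShared(String tst) { CONFIG.customParams.put("tst", tst); }
    static String tstAtValidationShared() { return CONFIG.customParams.get("tst"); }

    // After: the TST stays in the session of the browser that started the flow.
    static void startInSession(BrowserSession s, String tst) { s.attributes.put("tst", tst); }
    static String tstAtValidationInSession(BrowserSession s) { return (String) s.attributes.get("tst"); }

    public static void main(String[] args) {
        BrowserSession first = new BrowserSession();
        BrowserSession second = new BrowserSession();

        // Order of events: browser 1 starts, browser 2 starts and finishes,
        // then browser 1 finishes.
        startShared("TST-1-constructed");
        startShared("TST-2-constructed"); // overwrites browser 1's value
        System.out.println("shared,  browser 2 validates with: " + tstAtValidationShared());
        System.out.println("shared,  browser 1 validates with: " + tstAtValidationShared());

        startInSession(first, "TST-1-constructed");
        startInSession(second, "TST-2-constructed");
        System.out.println("session, browser 2 validates with: " + tstAtValidationInSession(second));
        System.out.println("session, browser 1 validates with: " + tstAtValidationInSession(first));
    }
}
```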


apereocas-bot commented Dec 16, 2019

Thank you very much for submitting this pull request! Please note that this patch is targeted at a CAS branch that is no longer maintained and as such cannot be accepted or merged. For additional details, please review https://apereo.github.io/cas/developer/Maintenance-Policy.html

If you are seeking assistance or have a question about your CAS deployment, please visit https://apereo.github.io/cas/Support.html for support options.

CAS - Enterprise Single Sign-On for the Web