[cas-dev] IE6 SP1 went to infinite redirection while redirecting from cas server to cas client, credentials asked twice for idle loginpage

Andrew Feller afelle1 at lsu.edu
Fri Dec 5 08:26:39 EST 2008 

Lekhnath,

1. What is your setup?  Which version of the CAS Server and which CAS
client?  Does this only happen in IE6?  What about Firefox?

2. Could you diagram the HTTP activity in the endless loop? (e.g. /login w/
view A => ...)

3. The CAS server is configured with a 5 minute session timeout in web.xml.
You would either need to extend this timeout or say it is an acceptable
loss.

As far as the endless loop is concerned, I believe there is probably a
misconfiguration where there CAS client you are using to protect your
application is not seeing the service ticket provided by the CAS server.  It
would help if you could give us more.

If you want an easy way to recording what is going on when you do this, use
FireFox and the "Live HTTP Headers" add-on.  This will allow you to capture
all HTTP requests made so they can be analyzed.

HTH,
A-

On 12/5/08 5:46 AM, "Lekhnath Bhusal" <lbhusal at d2hawkeye.com> wrote:

> Hello team,
> I am working on to integrate three products in our product line to
> centrally authenticate through CAS. I changed the login page that JASIG
> provides by default and customize it. The list of issues are
> 1. I use request parameter 'view' to dynamically use different login
> view for different product line. Now, when I add more views to
> default_views.properties file the request goes to infinite redirection loop.
> 2.If I leave the login page idle for some time (5 minutes or more), then
> I have to enter my credentials twice. i.e. when I enter userName and
> password first time no response occurs just the username and password
> fields are reset and I have to re-enter the credentials and this time I
> am successfully authenticated.
> 3. In IE6 Service pack 1, when I browse to a product it redirects to
> login server where I provide my credentials. After that the application
> redirects to the requested product and runs in an infinite loop in the
> product side. While it is looping if I provide the url directly then the
> product page is seen. This shows that in IE 6 SP1 CAS server
> authenticates the user but after redirecting to the product the browser
> can not open the product page.
> I need your help in this regard.
> Regards,
> Lekhnath
> 
> 
>  
> PRIVACY NOTICE
> 
> This email and any attachments may be confidential and/or privileged. Use of
> the information contained in this email by anyone other than the intended
> recipient is strictly prohibited. If you have received this email in error,
> please notify the sender by replying to this message and delete this email.
> _______________________________________________
> cas-dev mailing list
> cas-dev at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas-dev

More information about the cas-dev mailing list