CAS ask me for authentication everytime

Scott Battaglia scott_battaglia at rutgers.edu
Fri Jul 7 15:11:52 EDT 2006 

The JavaScript error should be fixed in CVS.

-Scott

Scott Battaglia
Application Developer, Architecture & Engineering Team
Enterprise Systems and Services, Rutgers University
v: 732.445.0097 | f: 732.445.5493 | scott_battaglia at rutgers.edu 



Huertas Fernández wrote:
> Just to summarize:
>
> - Firefox 1.5.0.4:
>
> New tabs within the same browser and even new browser instances share the same session cookie (so they will authenticate correctly against CAS).
>
> - IE 6.0.2900.2180:
>
> It doesn't provide "tabs" feature, but new Windows opened via "File --> New Windows" share the same session information.
>
> Different browser instances (opened via iexplore.exe) don't share the session cookie, so they won't be able to authenticate against CAS unless you define a persistent cookie instead of a session cookie.
>
> - IE 7.0.5450.4 BETA 3:
>
> New tabs share the same session cookie (similar to Firefox).
>
> New browser instances (opened via iexplore.exe) don't share session information (same that IE 6).
>
>
>
> BTW, seizing the opportunity we are talking about browsers...
> the login screen gives me a Javascript error when I open it in IE: "Can't move focus to the control because it is invisible, not enabled, or of a type that does not accept the focus"
>
> The error is in the function init() executed when the body is loaded.
>
> Best regards,
>
> Jose Luis.
>
>
>
> -----Mensaje original-----
> De: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] En nombre de Kothari, Amit
> Enviado el: viernes, 07 de julio de 2006 14:14
> Para: Yale CAS mailing list
> Asunto: RE: CAS ask me for authentication everytime
>
> You are right Scott. This is how it behaves in IE 6x versions. I am not sure if this behavior has changed in IE 7x versions.
>
>
> -----Original Message-----
> From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] On Behalf Of Scott Battaglia
> Sent: Friday, July 07, 2006 5:34 PM
> To: Yale CAS mailing list
> Subject: Re: CAS ask me for authentication everytime
>
> In IE, I believe if you open a new window (by doing File->New Window) 
> that shares the session information. However, I believe opening a new 
> window via "Start->Internet Explorer" may not share the session information.
>
> I believe that's what I saw in my testing but its been awhile so I may 
> be remembering it wrong :-)
>
>
> Huertas Fernández wrote:
>   
>> Clinton, I have been a couple of days without visiting the Acegi 
>> forum, because I wasn't getting any help and it seemed to be related 
>> with CAS rather than with Acegi.
>>
>> I'm using IE version 6.0.2900.2180 and Firefox 1.5.0.4.
>>
>> I had noticed that using Firefox I could open different tabs (or even 
>> new browsers) and I was already authenticated. However, I only have 
>> one CAS application (client), and the browsers were sharing the same 
>> session ID, so Acegi didn't redirect me to CAS authentication because, 
>> from the application's point of view, all the browsers are the same 
>> client. I couldn't try it with different applications, but I guess the 
>> browsers would share the same session cookie (until you close all) 
>> because that seems to be the behaviour for Firefox.
>>
>> IE bug? I don't know, but maybe it is just a design decision (share 
>> the session cookies between browser instances or not) and they have 
>> changed its point of view in IE 7 (BTW, did you try with differents 
>> tabs or different browsers?) I don't think the behaviour about session 
>> cookies when you have several browser instances is specified in any 
>> RFC or something like that...
>>
>> Best regards,
>>
>> Jose Luis.
>>
>> ------------------------------------------------------------------------
>>
>> *De:* cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] 
>> *En nombre de *Clinton Sandy
>> *Enviado el:* jueves, 06 de julio de 2006 21:49
>> *Para:* cas at tp.its.yale.edu
>> *Asunto:* CAS ask me for authentication everytime
>>
>> Jose,
>>
>> I left a message for you in the Acegi forum but I guess you haven't been
>> back there since you weren't getting any help. I'd like to know what 
>> browser
>> you are using. I have two server installations using version 2.0.12 
>> and version 3.0.4.
>> When I use IE 6.2800.1106 and IE 6.0.2900.2180 the sso fails. But when 
>> I use
>> Firefox 1.5.0.4 <http://1.5.0.4> and IE 7.0 beta 3 it works fine. In 
>> the cases where this fails,
>> it seems that the browser is not setting the cookie.
>>
>> I'm wondering if anyone else is seeing this behaviour? The important
>> point is the same server configuration is providing different results
>> for different browsers. Jose seems to have gotten past this problem
>> by changing his server configuration but aren't we overlooking
>> a possible bug in IE?
>>
>> Any comments and suggestions are greatly appreciated.
>>
>> Thanks,
>> Clinton
>>
>> -------------------------------------------------------------------------------------------------------------------
>> Este correo electrónico y, en su caso, cualquier fichero anexo al 
>> mismo, contiene información de carácter confidencial exclusivamente 
>> dirigida a su destinatario o destinatarios. Queda prohibida su 
>> divulgación, copia o distribución a terceros sin la previa 
>> autorización escrita de Indra. En el caso de haber recibido este 
>> correo electrónico por error, se ruega notificar inmediatamente esta 
>> circunstancia mediante reenvío a la dirección electrónica del 
>> remitente. POR FAVOR, ANTES DE IMPRIMIR ESTE CORREO ELECTRÓNICO 
>> CONSIDERE SU APORTACIÓN A LA CONSERVACIÓN DEL MEDIO AMBIENTE POR LA 
>> REDUCCIÓN DE CONSUMO DE PAPEL.
>>
>> The information in this e-mail and in any attachments is confidential 
>> and solely for the attention and use of the named addressee(s). You 
>> are hereby notified that any dissemination, distribution or copy of 
>> this communication is prohibited without the prior written consent of 
>> Indra. If you have received this communication in error, please, 
>> notify the sender by reply e-mail. PLEASE CONSIDER YOUR ENVIRONMENTAL 
>> RESPONSIBILITY BEFORE PRINTING THIS E-MAIL.
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Yale CAS mailing list
>> cas at tp.its.yale.edu
>> http://tp.its.yale.edu/mailman/listinfo/cas
>>   
>>     
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>

More information about the cas mailing list