Ron, One url lists "...arsys//servlet..." (two slashes) and the other "...arsys/servlet..". Is that a typo, or might it have something to do with the authentication issue?
David Durling University of Georgia From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Longwing, LJ CTR MDA/IC Sent: Tuesday, February 26, 2013 2:09 PM To: arslist@ARSLIST.ORG Subject: Re: ticket direct URLs and login sessions ** Ron, I don't have an answer for the question...but I can tell you what the NTS number is :) That is a control form that all notifications are sent out through, and there is workflow on it that opens the proper form that needs to be opened for that notification. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Peters, Ron Sent: Tuesday, February 26, 2013 10:49 AM To: arslist@ARSLIST.ORG<mailto:arslist@ARSLIST.ORG> Subject: ticket direct URLs and login sessions ** Hello, We recently updated our notification templates to contain HTML direct links to incidents and changes. We disabled the default link at the beginning of all messages and created our own. An example of our INC URL is this: http://MID_TIER:8080/arsys/servlet/ViewFormServlet?form=HPD:Help+Desk&server=AR_SERVER&qual='Incident ID*%2B'%3D%22INC_NUMBER%22 This is the odd behavior and it happens in all browsers. * If a user is not logged into the mid-tier, the link requires authentication and then they're taken directly to the Incident. Normal and as expected. * If the user (not already logged into the mid-tier) uses the direct link, logs in, accesses the ticket AND THEN (without logging out) clicks on another direct link from a different email notification (or the same), they are taken directly to that ticket without any required authentication. Normal and as expected. * If the user had already been logged into the mid-tier, the direct link in the notification still requires authentication instead of taking them directly in. Odd o If the user declines the authentication (closes the browser tab/window) and goes back to their original, already logged in session, that session has now been logged out and they have to re-authenticate (Session is invalid or has timed out. Please reload page to log in again. (ARERR 9201)). Annoying Now, I've done some more testing. I re-enabled the 'Add URL' on the notification filter that has the form of: http://MID_TIER:8080/arsys//servlet/ViewFormServlet?form=NTE%3aNotifier&server=AR_SERVER&eid=NTS000000772848<http://MID_TIER:8080/arsys/servlet/ViewFormServlet?form=NTE%3aNotifier&server=AR_SERVER&eid=NTS000000772848> (<-- I don't know what the NTS number relates to) The new notifications (in Dev) have both URL types. With this being the case, I can't make it fail as before. I've also re-removed the 'Add URL' from the filter and it still won't fail in that environment though our production environment is still acting odd. This feels like something has gotten cached that works for the filter URL but not for my direct one. Anyone have any idea what's going on here? Thanks again, Ron _ARSlist: "Where the Answers Are" and have been for 20 years_ _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"