No Scott.. we are not using any special settings except for the authentication , we have made changes to the deployerConfigContext.xml to authenticate users with a database setup in a different machine. But i reverted the changes and have also checked with the SimpleTestUsernamePasswordAuthenticationHandler. Even then i can see a duplicate cookie getting added on a refresh of the page.
Now it is strange. what can be other places to look out for? Thanks, Mckenzie On Wed, Jan 9, 2013 at 10:24 AM, Scott Battaglia <scott.battag...@gmail.com> wrote: > I just tried it with CAS Server 3.5.1 and the same Tomcat version you > mentioned over SSL using Java 1.6 and I could not replicate your issue. > > Could there be anything special about your environment? > > > On Tue, Jan 8, 2013 at 9:16 AM, Scott Battaglia <scott.battag...@gmail.com> > wrote: >> >> Thanks! >> >> I'll try it tonight unless someone else on this thread tries it first. >> >> >> >> On Tue, Jan 8, 2013 at 8:31 AM, Mckenzie J <mck2...@gmail.com> wrote: >>> >>> http://www.jasig.org/cas_server_3_5_1_release >>> >>> Please click on download on the left for the zip file. >>> >>> Thanks, >>> Mckenzie. >>> >>> On Tue, Jan 8, 2013 at 6:59 PM, Mckenzie J <mck2...@gmail.com> wrote: >>> > yeah it is a typo.My bad. . the version is 3.5.1 and not 3.3 - the >>> > version is cas-server-webapp-3.5.1 >>> > >>> > Thanks, >>> > Mckenzie >>> > >>> > On Tue, Jan 8, 2013 at 6:52 PM, Scott Battaglia >>> > <scott.battag...@gmail.com> wrote: >>> >> Hi, >>> >> >>> >> Is that a typo or is it really CAS 3.3? That download page you linked >>> >> to >>> >> doesn't exist any more. >>> >> >>> >> Not that I think 3.3 had this issue, but can you try a newer version >>> >> since >>> >> you're just copying the WAR: >>> >> http://www.jasig.org/cas_server_3_5_1_release >>> >> >>> >> Thanks >>> >> Scott >>> >> >>> >> >>> >> On Tue, Jan 8, 2013 at 8:16 AM, Mckenzie J <mck2...@gmail.com> wrote: >>> >>> >>> >>> Scott, >>> >>> >>> >>> I downloaded the CAS module from the jasig website and deployed the >>> >>> extracted cas war module into tomcat server webapps and made proper >>> >>> changes of the server for SSL configuration to get the CAS up and >>> >>> running. I did not follow WAR overlay method. We are making use of >>> >>> Tomcat 6.0.29 and it is running on a linux machine. >>> >>> >>> >>> A description deployment steps i have followed: >>> >>> >>> >>> 1. Downlaod CAS Server zip from >>> >>> "http://www.ja-sig.org/products/cas/downloads/index.html";. >>> >>> >>> >>> 2. Extract the zip file. >>> >>> >>> >>> 3. Download Apache Tomcat . >>> >>> >>> >>> 4. Copy "war folder" from "\cas-server-3.3\modules" folder and paste >>> >>> it in "<<apache-tomcat-home>>\webapps" folder. >>> >>> >>> >>> 5. Open "<<apache-tomcat-home>>\conf\server.xml" and uncomment below >>> >>> line. >>> >>> >>> >>> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" >>> >>> maxThreads="150" scheme="https" secure="true" clientAuth="false" >>> >>> sslProtocol="TLS" /> >>> >>> >>> >>> 6. Start server. >>> >>> >>> >>> 7. Open browser and type "https://localhost:8443/cas/login";. A login >>> >>> form will be displayed. >>> >>> >>> >>> Thanks, >>> >>> Mckenzie >>> >>> >>> >>> >>> >>> On Tue, Jan 8, 2013 at 10:47 AM, Scott Battaglia >>> >>> <scott.battag...@gmail.com> wrote: >>> >>> > Mckenzie, >>> >>> > >>> >>> > Are you using the WAR overlay method for CAS deployments? If so, >>> >>> > can >>> >>> > you >>> >>> > privately send me the ZIP of the overlay (minus any sensitive >>> >>> > passwords)? >>> >>> > >>> >>> > Also, what version of Tomcat are you using? >>> >>> > >>> >>> > Thanks >>> >>> > Scott >>> >>> > >>> >>> > >>> >>> > On Mon, Jan 7, 2013 at 11:57 PM, Mckenzie J <mck2...@gmail.com> >>> >>> > wrote: >>> >>> >> >>> >>> >> hi Jerome/Kevin, >>> >>> >> >>> >>> >> Please find the Http trace attached.This is the trace of the CAS >>> >>> >> war >>> >>> >> (cas 3.5.1) deployed in a tomcat on a linux machine and there is >>> >>> >> no >>> >>> >> custom code existing. I could see only 1 CAS TGC in the cookie >>> >>> >> manager (the one with a slash / as set by the CAS code) but >>> >>> >> Interestingly i could see the second CASTGC getting added (one >>> >>> >> without >>> >>> >> the slash /)when i refreshed the page. >>> >>> >> >>> >>> >> I have added the whole lot of HTTP watch from login to logout of >>> >>> >> this >>> >>> >> scenario in the attached file. >>> >>> >> >>> >>> >> Kevin - Ideally we are having a pound server for our development >>> >>> >> work. >>> >>> >> But now i think the behaviour is evident in the CAS itself. We are >>> >>> >> seeing that the additional cookie gets added immediately on a >>> >>> >> refresh >>> >>> >> of the page once logged in. If we are able to find the cause and >>> >>> >> fix >>> >>> >> this, it will solve this for good. please help. >>> >>> >> >>> >>> >> P.S. i am using FF 17.0.1 browser. >>> >>> >> >>> >>> >> Regards, >>> >>> >> Mckenzie >>> >>> >> >>> >>> >> On Mon, Jan 7, 2013 at 7:12 PM, jleleu <lel...@gmail.com> wrote: >>> >>> >> > Hi, >>> >>> >> > >>> >>> >> > I don't see anything strange in your logs. >>> >>> >> > For your scenario : login/logout, can you trace all HTTP >>> >>> >> > requests/responses with cookies to see when the second CASTGC is >>> >>> >> > created and >>> >>> >> > with what parameters ? And post everything one again... >>> >>> >> > Thanks, >>> >>> >> > Jérôme >>> >>> >> > >>> >>> >> > -- >>> >>> >> > You are currently subscribed to cas-dev@lists.jasig.org as: >>> >>> >> > mck2...@gmail.com >>> >>> >> > To unsubscribe, change settings or access archives, see >>> >>> >> > http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >>> >> >>> >>> >> -- >>> >>> >> You are currently subscribed to cas-dev@lists.jasig.org as: >>> >>> >> scott.battag...@gmail.com >>> >>> >> >>> >>> >> To unsubscribe, change settings or access archives, see >>> >>> >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >>> > >>> >>> > >>> >>> > -- >>> >>> > You are currently subscribed to cas-dev@lists.jasig.org as: >>> >>> > mck2...@gmail.com >>> >>> > To unsubscribe, change settings or access archives, see >>> >>> > http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >>> >>> >>> -- >>> >>> You are currently subscribed to cas-dev@lists.jasig.org as: >>> >>> scott.battag...@gmail.com >>> >>> To unsubscribe, change settings or access archives, see >>> >>> http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >>> >>> >> >>> >> -- >>> >> You are currently subscribed to cas-dev@lists.jasig.org as: >>> >> mck2...@gmail.com >>> >> To unsubscribe, change settings or access archives, see >>> >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >>> -- >>> You are currently subscribed to cas-dev@lists.jasig.org as: >>> scott.battag...@gmail.com >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-dev >>> >> > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > mck2...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
