Hi Kartik, Greatly appreciated there is an issue with top.jsp page that gets imported into casLoginView.jsp. We have custom JavaScript file being imported that is working fine in DEV but in all other regions its not coming through correct.
In DEV it shows up as <script type="text/javascript" src="/cas/themes/VU/js/common_rosters.js" ></script> In TEST, UAT and PROD <script type="text/javascript" src= "/cas/themes/VU/js/;jsessionid=C3E9287D86953890EDD2BFDD3770B038common_rosters.js" ></script> As you can clearly see there has been inject of the jsessionid. The jsession Id also appears on the "standard.custom.css.file". I have tweaked our settings rather than pass the directory location pass the directory location and file, so that jsessionid appears at the end at least. On Tuesday, 6 December 2016 07:23:38 UTC+11, Colin Wilkinson wrote: > > Hi Kartik, > > Thanks for the Help information we have noticed dev server is working > correctly, but test, uat and prod and working incorrect. May be something > is missing. > > Regards, > Colin > > On Tuesday, 6 December 2016 01:51:53 UTC+11, Kartik Mehta wrote: >> >> I recently faced the same issue, and traced it to our customized >> casLoginView.jsp. It had an img tag pointing to a non-existent image file. >> This caused the image tag to reload the page (similar to what is pointed >> out here - >> https://www.bennadel.com/blog/2236-empty-src-and-url-values-can-cause-duplicate-page-requests.htm >> >> ) >> Any chance of a missing image file in your Windows 10 environment, in >> case you have customized casLoginView.jsp (or any of the jsps it includes) >> >> On Mon, Dec 5, 2016 at 2:01 AM, Colin Wilkinson <[email protected]> >> wrote: >> >>> There are some customisations to the login flow, but we striped the >>> login flow back to what is working in production and noticed it was running >>> the login flow effectively twice. The second running is a problem because >>> the URL does not including any of the query parameters. >>> >>> The login has been customised with the following customisations >>> >>> 1. Enabled CAS Spnego >>> 2. Enable IP based range check >>> 3. Added a query parameter filter check to force to login page if >>> provided. A second button has been added to the uPortal page to provide >>> this parameter. Currently for students spnego is not enabled. >>> >>> As stated this is only an issue with connections coming from Windows 10. >>> We have been using this setup through out our development, testing and UAT >>> environment through Windows 7 with out any hassles. >>> >>> CAS software version CAS 4.1.7 >>> >>> Browser version are the following and all do the same thing, >>> Internet Explorer 11 >>> Edge 14 >>> Chrome 54 >>> Firefox 50.0.2 >>> >>> On Sunday, 4 December 2016 18:50:57 UTC+11, Jeffrey Wong wrote: >>>> >>>> Probably best to also note your browser version(s), CAS version, and if >>>> you have any customizations. I've hit some really interesting things on >>>> IE, >>>> in which the login flow fails to execute if there's a malformed HTML >>>> element. >>>> >>>> On Saturday, December 3, 2016 at 11:22:41 PM UTC-8, Colin Wilkinson >>>> wrote: >>>>> >>>>> Guys, >>>>> >>>>> We have had a strange problem that took us most of the week to realise >>>>> that there looks to be a real weird issue with access CAS from a windows >>>>> 10 >>>>> device. When accessing CAS from a Windows 10 devices through a browser it >>>>> executes the login flow twice. This means you loose all attributes >>>>> including service. >>>>> >>>>> The problem only exists when you open the browser from fresh, no other >>>>> instances of the browser running. Once you have access CAS once the flow >>>>> works as expected only runs once. From a fresh instances the flow runs >>>>> twice. >>>>> >>>>> Has any else experienced this. From windows 7 it works as expected. >>>>> >>>>> Regards, >>>>> Colin >>>>> >>>> -- >>> - CAS gitter chatroom: https://gitter.im/apereo/cas >>> - CAS mailing list guidelines: >>> https://apereo.github.io/cas/Mailing-Lists.html >>> - CAS documentation website: https://apereo.github.io/cas >>> - CAS project website: https://github.com/apereo/cas >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ae8f8950-e41f-486a-a3ff-dd49120e7a0d%40apereo.org >>> >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/ae8f8950-e41f-486a-a3ff-dd49120e7a0d%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> >> -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/43adcb22-2f60-46ab-9220-5b3a0a5ec8e1%40apereo.org.
