Hi, We use CAS 5.2.4 to protect some of our web apps and have SSO over them.
One of our clients complains about this scenario: - The user authenticates successfully, via "Remember me" option presented on the login form offered by CAS. (I can confirm that this long term authentication works, for e.g. I'm closing Chrome from memory and then when visiting the app no login is required) - The users of the client are pretty much in the move, so they access the apps we offer (protected by CAS) from different places: mobile network, different wifis. - So they complain that when they change the network they are required to authenticate again even though they checked before the "Remember me" option. So my questions are: - Is this long term authentication sensible to IP changes? - How this can be bypassed? - I scrolled thorough cas.properties to see anything that might tweak this scenario but I was unable to identify any of those - I was able to reproduce this problem locally on my dev env, by switching networks, another important thing is that devices from which they access our apps are iPADs with Safari iOS 12 or so. I used an iPad as well when reproducing this scenario Can this also be the cause? because sometimes is a nightmare doing custom things for iOS. So, can it happen that the TGC is not being sent on Safari iOS when the network changes? Any starting point, helping me to find a fix or at least an explanation if this scenario is intended, would be really appreciated! Thanks -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/af521a18-9d2d-4351-8cc8-960529030023%40apereo.org.
