Hi,
When using IE7, CAS3 always requires authentication when opening in new
browser because ,as documented, the CAS SSO cookie is session scoped.
Authentication is not required if user opens new tabs within the same browser
window apparently because the session is still in scope for new tabs. Note that
in Firefox, CAS doesn not require authentication when opening new browsers
because cookies is readable/usable.
So my question: is there anyway for CAS SSO cookie to be used such that
authentication is not required when opening new browser in IE7 (desired effect
in Firefox)? I read that this can be overcome by configuring the CAS cookie to
be persistent as opposed to session-scoped. Specifically this is configured by
setting the cookieMaxAge to a positive integer (as opposed to -1 which set is
for session-scoped)
p:cookieMaxAge="3600"
These settings are in two files:
warnCookieGenerator.xml
ticketGrantingTicketCookieGenerator.xml
reside in /WEB-INF/spring-configuration/ directory.
The problem is that even with setting to positive integer value, user is still
required to authenticate everytime new window is open. Is there additional
configuration required?
thanks,
Hanh
_________________________________________________________________
Internet Explorer 8 – Get your Hotmail Accelerated. Download free!
http://clk.atdmt.com/MRT/go/141323790/direct/01/
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
