At a minimum they should be viewable in Firefox (I just tried it using our local CAS server). CASPRIVACY may not be, depending on whether you checked "warn" or not. But CASTGC should be (unless you're searching for CASTCG, which would be incorrect, but I'm assuming that's just a typo)
Cheers, Scott On Wed, May 13, 2009 at 9:18 AM, Barry Silk <bs...@oberonassociates.com>wrote: > Scott, > > No, I can't see the either the CASPRIVACY or CASTCG cookies in Firefox nor > can I see them in IE. However, the cookies have to be there because I can > move between protected web apps without reauthentication to CAS. Both > Firefox and IE however allow the JSESSIONID cookie to be viewed. I realize > that the in-memory cookies aren't stored on disk, but just wondering if > anyone know how they can be viewed. > > Thanks, > Barry > ________________________________________ > From: Scott Battaglia [scott.battag...@gmail.com] > Sent: Tuesday, May 12, 2009 9:45 PM > To: cas-user@lists.jasig.org > Subject: Re: [cas-user] Problem: CAS Cookies not being set in browser > > Can you see them in Firefox? I believe in IE session cookies are only > stored in memory so you won't see them in the place cookies are normally > stored. But I haven't used IE in a while so I may be remembering wrong. > > Cheers, > Scott > > > On Mon, May 11, 2009 at 10:40 AM, Barry Silk <bs...@oberonassociates.com > <mailto:bs...@oberonassociates.com>> wrote: > Adam, > > Thanks for your response. > > I discovered the reason why moving to another protected web app required > re-authentication with CAS. That is because the > ticketGrantingTicketCookieGenerator.xml and warnCookieGenerator.xml were > configured with a cookieDomain parameter, as recommended by the Cluster CAS > tutorial in the CAS User Manual / JA-SIG Wiki. Once the cookieDomain > parameters were removed, it worked. It's not clear why this was causing a > problem since it appeared the parameter's value was specified correctly. > > As for the matter of viewing the CASPRIVACY and CASTCG cookies, they still > don't show up when viewing the browser session cookies. The only one that > shows up is the JESSIONID. Is there a reason they are not viewable? Or if > they are, what's the trick? (I viewed the session cookies by using the > "javascript:alert(document.cookie)" in the IE URL). > > Thanks again, > Barry > ________________________________________ > From: Adam Rybicki [arybi...@unicon.net<mailto:arybi...@unicon.net>] > Sent: Friday, May 08, 2009 8:34 PM > To: cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> > Subject: Re: [cas-user] Problem: CAS Cookies not being set in browser > > Barry, > > This my be an FAQ: is your CAS server configured to run over SSL/TLS? > CAS will not issue the TGC when it does not operate over a secure > connection. > > Adam > > Barry Silk wrote: > > Any help on this issue much appreciated! > > > > I have CAS (Version 3.2.1) deployed to a WebLogic cluster. My web > applications use Spring Security (version 2.0.2) with CAS-Client (Version > 3.1.3). > > > > CAS is performing authentication properly and passing the authenticated > userid to the protected web app for authorization resolution. Authorization > is also working properly as I am able to access protected resources in the > web app once authenticated by CAS. The problem is that the CAS cookies > (CASPRIVACY and CASTCG) do not show up in the browser. It doesn't matter > which browser (Firefox or IE), those cookies are not there. The only cookie > that shows up in the browser for the session is the JSESSIONID cookie. > Because the cookie does not show up in the browser, the SSO does not work > because moving to another protected web app requires re-authenticated with > CAS. That defeats the whole purpose of the SSO! > > > > > > The log however indicates that the cookie is trying to be set: > > > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Removed > cookie with name [CASPRIVACY]> > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action > 'AuthenticationViaFormAction' completed execution; result is 'success'> > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action > 'SendTicketGrantingTicketAction' beginning execution> > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - <Added cookie > with name [CASTGC] and value > [TGT-5-6Io7ebVeEp90fs1GpemHmXWnGIgDO5TKUuaMKjX37zb5KHyf3G-cas]> > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.flow.SendTicketGrantingTicketAction] - <Action > 'SendTicketGrantingTicketAction' completed execution; result is 'success'> > > 2009-05-06 14:24:04,966 DEBUG > [org.jasig.cas.web.flow.GenerateServiceTicketAction] - <Action > 'GenerateServiceTicketAction' beginning execution> > > > > CAS is set up to use a database for the ticketRegistry, and that seems to > be working fine. (Not sure that's relevant to the problem). > > > > Any ideas what could be going wrong? > > > > Thanks! > > Barry Silk > > > > > > -- > You are currently subscribed to cas-user@lists.jasig.org<mailto: > cas-user@lists.jasig.org> as: scott.battag...@gmail.com<mailto: > scott.battag...@gmail.com> > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > bs...@oberonassociates.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
