The CAS server cookies are scoped only to the CAS server on purpose. Cheers Scott On Oct 31, 2011 7:41 PM, "Misagh Moayyed" <[email protected]> wrote:
> After a little bit of digging around using Chrome's dev tools, I noticed > that as soon as I hit the login button, response headers and the cookies > for > the login action are there with path of the cookie being set to "/cas". > However, once the redirect moves onto the final page "default.aspx" cookies > are vanished. > > All suggestions are welcome. > > > -----Original Message----- > From: Misagh Moayyed [mailto:[email protected]] > Sent: Monday, October 31, 2011 12:27 PM > To: [email protected] > Subject: RE: [cas-user] Setting up ExampleWebsite - Too many redirects & no > cookie? > > The serverName is set to the full computer name and it is definitely > accessible on the browser. I have tried it without the port # and the > result > has been the same. > > Also, I tried to follow your suggestion and reset the > redirectAfterValidation property value to false but it looks like the value > has to be true for the forms authorization element to work. Otherwise, a > configuration exception is thrown. > > Based on the doc, the cookie only sent on secure connections unless the > setting for the ticket generator is changed. I have tried the set up with > both true/false values for "cookieSecure" and the result has been the same. > I am not just why the cookie is not sent because I see it there in the > browser history and in the CAS logs. > > ...but I have been wondering, could this be a permissions issue ? The > cookie > by default is supposed to go to "/". Could this be that a write-permission > is denied and the cookie is never placed on the server ? > > Misagh > > -----Original Message----- > From: Marvin Addison [mailto:[email protected]] > Sent: Monday, October 31, 2011 11:05 AM > To: [email protected] > Subject: Re: [cas-user] Setting up ExampleWebsite - Too many redirects & no > cookie? > > > <casClientConfig > > casServerLoginUrl="https://<full-machine-name>:8443/cas/login" > > casServerUrlPrefix="https://<full-machine-name>:8443/cas/" > > serverName="https://<full-machine-name>:443" > > For simplicity, serverName should be the fully-qualified DNS name of > the client host. Also, you might set redirectAfterValidation="false" > to see whether that helps. > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
