James, in Chrome of Firefox (and probably others), turn on the feature that "restores sessions" when you restart.
For chrome you go to this URI: "chrome://settings/" Then choose, in the section "On Startup", the radio button "Continue where I left off". Then try logging into CAS, close the browser, and come back. You will see that session cookies have been restored. I was surprised too... My naivete has been memorialized on this very mailing list :). David Ohsie Software Architect EMC Corporation > -----Original Message----- > From: James Sumners [mailto:[email protected]] > Sent: Tuesday, July 09, 2013 3:27 PM > To: [email protected] > Subject: Re: [cas-user] closing your browser message > > Could you please provide some more information on this? I'm searching for > information on this change but am not having much luck. As far as I can tell, > session cookies are still a thing. > > ~ James > > On Jul 8, 2013, at 4:48 PM, Trenton D. Adams <[email protected]> wrote: > > > For security reasons, please Log Out and Exit your web browser when you > are done accessing services that require authentication! > > > > > > The above security message is no longer useful, and gives users a false > sense of security. Closing your browser will no longer remove the cookie. > Unfortunately, browser developers thought it useful to make closing of the > browser not constitute "end of session" anymore. I do not know why they > did this. I thought the cookie spec was very specific about that, but it's been > so long since I looked at it. > > > > Does anyone know of a way of making browsers honour what we all once > held dear? > > > > -- > > Trenton D. Adams > > Senior Systems Analyst/Web Software Developer Navy Penguins at your > > service! > > Athabasca University > > (780) 675-6195 > > :wq! > > > > -- > > This communication is intended for the use of the recipient to whom it > > is addressed, and may contain confidential, personal, and or privileged > > information. Please contact us immediately if you are not the intended > > recipient of this communication, and do not copy, distribute, or take > > action relying on it. Any communications received in error, or > > subsequent reply, should be deleted or destroyed. > > --- > > > > -- > > You are currently subscribed to [email protected] as: > > [email protected] To unsubscribe, change settings or > > access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, > see http://www.ja-sig.org/wiki/display/JSG/cas-user >
smime.p7s
Description: S/MIME cryptographic signature
