Tom, Thanks for the followup here, but I'm using neither ServiceNow nor Shibboleth.
I ultimately have decided to rebuild my CAS server from scratch. I'm going to upgrade to 4.0 (I'm currently on 3.5.2.1) and I'm also going to deploy directly to a Tomcat7 instance. Currently I'm using the Maven-Tomcat plugin and running an embedded Tomcat instance inside an executable CAS JAR. I think there's something buggy with that embedded Tomcat and causing JSESSIONIDs to not generate/clear correctly. Thanks again for all the help with this! -----Original Message----- From: Tom Poage [mailto:[email protected]] Sent: Thursday, June 05, 2014 10:21 AM To: [email protected] Subject: Re: [cas-user] Need to clear browser cookies in order to login On 06/04/2014 10:24 AM, Zac Harvey wrote: > Thanks Tom, no this is just IE (I'm using IE 11). Thoughts? Suggests to me the problem may be your deployment of CAS, but not necessarily. E.g. we recently noted a development instance of ServiceNow via IE 11 was not working with Shibboleth. Turns out ServiceNow (or whatever the developer was doing) was attempting to perform authN in a frame wrapped by an unsecured connection. IE 11 caught/denied the attempt (unless explicitly allowed; noted by running its built-in dev tools) and e.g. running Firefox with Adblock caught what it considered a cross-site forgery. Tom. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
