Hey all, I wanted to share an issue I found and the fix so that perhaps someone in the community can benefit. Moodle's CAS auth code (in version 2.6 and likely others) request a gateway authN request immediately before requesting the standard authN request. In theory this causes two Java web sessions to be created and ended, but in some cases (when the request and responses have little latency) the first session hasn't ended yet because it's on a 2 second delay before exploding.
In this latter case, the Login form is shown and the session expires while the user is typing in their credentials. The fix from the CAS Server side is actually pretty simple. In the cas-servlet.xml file, the terminateWebSessionListener bean's timeToDieInSeconds property needs to be set to zero (0), like this: <bean id="terminateWebSessionListener" class="org.jasig.cas.web.flow.TerminateWebSessionListener" p:serviceManagerUrl="${cas.securityContext.serviceProperties.service}" p:timeToDieInSeconds="0" /> Then the session dies immediately after the webflow ends instead of waiting two seconds. I don't know if there is a down side to making this change or not, but so far it has worked for two client applications (one Moodle and one was custom). If someone wants to see a detailed explanation of what is going on, then you can see my blog posting at https://www.unicon.net/about/blog/moodles-race-with-cas-server. -- *John Gasper* IAM Consultant Unicon, Inc. PGP/GPG Key: 0xbafee3ef -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user