It means that if the browser is closed then yes, the session is ended and a new session will need to be started. The length of the cookie can be changed. However, this should not be done if there is a chance the web sites will be accessed from a public location.
-Scott On 4/18/07, Sandeep Shetty <[EMAIL PROTECTED]> wrote:
Hi Scott, does it mean that if the user closes his browser then the cookie is lost? so if he opens a new browser window (new session) he will have to supply authentication to CAS again... is there a way to set long lived cookies using CAS so the cookie does not die when the browser closes? Thanks for your help again Scott, Sandeep -----Original Message----- *From:* Scott Battaglia [mailto:[EMAIL PROTECTED] *Sent:* 18 April 2007 12:56 *To:* Yale CAS mailing list *Subject:* Re: multiple domains Sandeep, CAS will place a cookie (called a Ticket Granting Cookie) in the browser's session. When the user is redirected to CAS, it reads the ticket. If the ticket is valid, it generates a service ticket for that service (a Ticket Granting Ticket is tied to a user). Otherwise it will ask the user to authenticate. -Scott On 4/18/07, Sandeep Shetty <[EMAIL PROTECTED]> wrote: > > Hi Scott, thanks for your explanation, couple more questions... > > what happens next time when the same browser asks for the same service > but this time from a different domain. does the user have to authenticate > again? if not how does CAS know that it is the same user? > > Thanks a lot! > Sandeep > > -----Original Message----- > *From:* Scott Battaglia [mailto:[EMAIL PROTECTED] > *Sent:* 17 April 2007 19:47 > *To:* Yale CAS mailing list > *Subject:* Re: multiple domains > > CAS can authenticate services from any domain. Services redirect to the > CAS server, a ticket is generated and then the browser is redirected back > the service with the ticket: > http://www.ja-sig.org/products/cas/overview/cas2_architecture/index.html > > > -Scott > > On 4/17/07, Sandeep Shetty < [EMAIL PROTECTED]> wrote: > > > > Hi, > > > > the overview and examples given in the overview suggests that it works > > for sub domains eg: mail.yale.edu, secure.yale.edu etc... i > > was wondering (and could not understand is) how does CAS overcome the > > multiple domain issue, as in how does it persist user session information > > across multiple domains. One way do to it is cookies and redirection as > > suggested below > > > > > > *<http://www.15seconds.com/issue/971108.htm> > > http://www.15seconds.com/issue/971108.htm* > > > > ** > > > > *does it use a similar concept?* > > > > *Regards, > > Sandeep* > > > > ** > > > > > > > > -----Original Message----- > > *From:* Scott Battaglia [mailto:[EMAIL PROTECTED] > > *Sent:* 17 April 2007 16:28 > > *To:* Yale CAS mailing list > > *Subject:* Re: multiple domains > > > > I don't believe there is any specific document on it. Its not a > > special case or anything. Its what CAS does. > > > > The overview on our web site may be of some assistance: > > http://www.ja-sig.org/products/cas/overview/index.html > > > > -Scott > > > > On 4/17/07, Sandeep Shetty < [EMAIL PROTECTED]> wrote: > > > > > > apologies, i think my email was incomplete, i meant if there was a > > > doc/article of CAS being used across multiple domains that i could refer to. > > > I tried to google for it but could not find. > > > > > > Thanks again, > > > Sandeep > > > > > > -----Original Message----- > > > *From:* Sandeep Shetty [mailto:[EMAIL PROTECTED] > > > *Sent: *17 April 2007 16:10 > > > *To:* 'Yale CAS mailing list' > > > *Subject:* RE: multiple domains > > > > > > Hi scott, > > > > > > thanks for your reply, is there an article/doc abt it I can read? > > > > > > Thanks a lot > > > Sandeep > > > > > > > > > > > > -----Original Message----- > > > *From:* Scott Battaglia [mailto:[EMAIL PROTECTED] > > > *Sent: *17 April 2007 13:32 > > > *To:* Yale CAS mailing list > > > *Subject:* Re: multiple domains > > > > > > Yes, CAS can work in an environment where there are multiple domains > > > as each request for authentication is redirected to the CAS server (vs. > > > trying to read a cookie). > > > > > > -Scott > > > > > > On 4/17/07, Sandeep Shetty < [EMAIL PROTECTED]> wrote: > > > > > > > > Hi Guys, > > > > > > > > is it possible to use CAS in an environment where we have multiple > > > > domains > > > > eg: > > > > > > > > www.abc.com , www.xyz.com and www.pqr.com and want a single logon > > > > for all > > > > those portals, i.e if i log on to www.abc.com and then if i go to > > > > www.xyz.com i am already logged in. > > > > > > > > Thank you for your help! > > > > > > > > Regards, > > > > Sandeep > > > > > > > > > > > > > > > > This email is confidential and may also be privileged. If you are > > > > not the intended recipient please notify us immediately by telephoning +44 > > > > (0)20 7452 5300 or email [EMAIL PROTECTED] You should not > > > > copy it or use it for any purpose nor disclose its contents to any other > > > > person. Touch Local cannot accept liability for statements made which are > > > > clearly the sender's own and are not made on behalf of the firm. > > > > > > > > Touch Local Limited > > > > Registered Number: 2885607 > > > > VAT Number: GB896112114 > > > > Cardinal Tower, 12 Farringdon Road, London EC1M 3NN > > > > +44 (0)20 7452 5300 > > > > > > > > _______________________________________________ > > > > Yale CAS mailing list > > > > [email protected] > > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > > > > > > > -- > > > -Scott Battaglia > > > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > > > This email is confidential and may also be privileged. If you are > > > not the intended recipient please notify us immediately by telephoning +44 > > > (0)20 7452 5300 or email [EMAIL PROTECTED] You should not > > > copy it or use it for any purpose nor disclose its contents to any other > > > person. Touch Local cannot accept liability for statements made which are > > > clearly the sender's own and are not made on behalf of the firm. > > > > > > Touch Local Limited > > > Registered Number: 2885607 > > > VAT Number: GB896112114 > > > Cardinal Tower, 12 Farringdon Road, London EC1M 3NN > > > +44 (0)20 7452 5300 > > > > > > > > > _______________________________________________ > > > Yale CAS mailing list > > > [email protected] > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > > > -- > > -Scott Battaglia > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > This email is confidential and may also be privileged. If you are not > > the intended recipient please notify us immediately by telephoning +44 (0)20 > > 7452 5300 or email [EMAIL PROTECTED] You should not copy it > > or use it for any purpose nor disclose its contents to any other person. > > Touch Local cannot accept liability for statements made which are clearly > > the sender's own and are not made on behalf of the firm. > > > > Touch Local Limited > > Registered Number: 2885607 > > VAT Number: GB896112114 > > Cardinal Tower, 12 Farringdon Road, London EC1M 3NN > > +44 (0)20 7452 5300 > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > -- > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > This email is confidential and may also be privileged. If you are not > the intended recipient please notify us immediately by telephoning +44 (0)20 > 7452 5300 or email [EMAIL PROTECTED] You should not copy it or > use it for any purpose nor disclose its contents to any other person. Touch > Local cannot accept liability for statements made which are clearly the > sender's own and are not made on behalf of the firm. > > Touch Local Limited > Registered Number: 2885607 > VAT Number: GB896112114 > Cardinal Tower, 12 Farringdon Road, London EC1M 3NN > +44 (0)20 7452 5300 > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia This email is confidential and may also be privileged. If you are not the intended recipient please notify us immediately by telephoning +44 (0)20 7452 5300 or email [EMAIL PROTECTED] You should not copy it or use it for any purpose nor disclose its contents to any other person. Touch Local cannot accept liability for statements made which are clearly the sender's own and are not made on behalf of the firm. Touch Local Limited Registered Number: 2885607 VAT Number: GB896112114 Cardinal Tower, 12 Farringdon Road, London EC1M 3NN +44 (0)20 7452 5300 _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
