Thank you for a quick reply Scott.You are right, when I give a different service parameter to the login URL, I'm getting the login prompt.
I understand that the cookie still exists (because a. it did not expire; b. browser wasn't closed; c. the user did not delete the cookies from the browser). But since the corresponding TGT does not exist anymore, should I not be prompted for the login credentials? How does the service parameter impact this behavior? Can you please elaborate. Feels like a huge load has been lifted off my chest. I'm really thankful to this forum for their continued help. I have a working CAS server :) Regards, Kristin. On Nov 15, 2007 11:11 AM, Scott Battaglia <[EMAIL PROTECTED]> wrote: > You're seeing expected behavior. Your cookie exists in between Tomcat > shutdowns. If you try to access another service however, you will be > prompted for credentials because even though the cookie still exists client > side (the browser) there is no corresponding TicketGrantingTicket on the CAS > Server. > > -Scott > > > > On Nov 15, 2007 12:46 PM, Kristin Coles <[EMAIL PROTECTED]> wrote: > > Thanks for your suggestion Nicolas. It DID DISABLE session > > persistence. Proof is the following message in Tomcat logs during > > startup. > > > > [org.apache.catalina.session.PersistentManagerBase] : No Store > > configured, persistence disabled > > > > However, when I restart Tomcat and go to https://kristin/login, I > > still get the message "You have successfully logged into the Central > > Authentication Service."! > > > > #Tomcat\conf\server.xml > > <Host name="kristin" appBase="webapps" > > > > unpackWARs="true" autoDeploy="true" > > xmlValidation="false" xmlNamespaceAware="false" > expireSessionsOnShutdown="true"> > > <Context path="" docBase="cas"> > > > > <Manager className="org.apache.catalina.session.PersistentManager" > > debug="0" saveOnRestart="false"></Manager> > > </Context> > > </Host> > > > > I am completely stumped! CAS and Tomcat guru's please advise! > > > > Regards, > > Kristin > > > > > > > > > > On Nov 14, 2007 11:03 PM, Nicolas Clemeur < [EMAIL PROTECTED]> wrote: > > > > > > > Thank you very much Scott! I got the browser REFRESH issue resolved by > > > > redirecting to the same URL without the ticket. If not for your reply, > > > > it would have taken me a long time to figure it out! :) > > > > > > > > The TGTs are persisting between Tomcat restarts though. I am still > > > > unable to disable session persistence in Tomcat. > > > > > > > > I have tried the following to disable session persistence in Tomcat. > > > [...] > > > > Can anyone please help me. > > > > > > > > > > I think if you add the following in your context.xml , it should disable > session > > > persistence: > > > > > > <!-- This prevent tomcat to serialize session object on shutdown --> > > > <Manager className="org.apache.catalina.session.PersistentManager " > > > saveOnRestart="false"/> > > > > > > > > > _______________________________________________ > > > Yale CAS mailing list > > > [email protected] > > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > -- > > > -Scott Battaglia > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
