after a f2f discussion with mike I see reason that we'd better add the appropriate cache header to /system/sling/info.sessionInfo, appropriate being:
Cache-Control : private, no-store, no-cache, max-age=0, must-revalidate, private, no-store, no-cache, max-age=0, must-revalidate WDYT? > -----Original Message----- > From: Clemens Wyss [mailto:[email protected]] > Sent: Wednesday, September 15, 2010 8:35 AM > To: '[email protected]' > Subject: RE: [sling explorer] Form based auth with IE to no avail :-( > > > looks like an IE caching issue. > If we make the getSessionInfo-URI "unique" > (i.e. prevent caching) it works: > ... > var > res=Sling.httpGet(Sling.baseurl+"/system/sling/info.sessionInf > o."+new Date().getTime()+".json"); > ... > > WDYT? > > > -----Original Message----- > > From: Clemens Wyss [mailto:[email protected]] > > Sent: Wednesday, September 15, 2010 8:10 AM > > To: '[email protected]' > > Subject: RE: [sling explorer] Form based auth with IE to no > avail :-( > > > > > > conclusion: > > in IE the clientside/javascript Sling.getSessionInfo() is not always > > executed (i.e. the http GET call to > > /system/sling/info.sessionInfo.json)! > > > > Place the attached test.html on the root and > > > > a) open it with FF inspecting the two > > /system/sling/info.sessionInfo.json-calls > > in firebug (or fiddler) > > > > b) open it (don't forget the '.' ;-), ie > > http://localhost.:8080/test.html ) > > in IE inspecting the (non existent) > > /system/sling/info.sessionInfo.json-calls > > in fiddler > > > > "not always" is fuzzy, I know, but I really haven't found the > > pattern of IE. > > > > jira issue? > > > > > -----Original Message----- > > > From: Clemens Wyss [mailto:[email protected]] > > > Sent: Wednesday, September 15, 2010 7:39 AM > > > To: '[email protected]' > > > Subject: RE: [sling explorer] Form based auth with IE to no > > avail :-( > > > > > > > > > > I would if fiddler provided me this data (headers), such as > > > > firebug does... > > > --> > > > http://weblogs.asp.net/lorenh/archive/2008/01/10/tip-for-using > > -fiddler-on-localhost.aspx > > the '.' does it!, OMG > > > > I can now proceed debugging the IE traces... > > > > > -----Original Message----- > > > From: Clemens Wyss [mailto:[email protected]] > > > Sent: Tuesday, September 14, 2010 7:22 PM > > > To: '[email protected]' > > > Subject: RE: [sling explorer] Form based auth with IE to no > > avail :-( > > > > > > > > > I would if fiddler provided me this data (headers), such as > > > firebug does... > > > > > > > -----Original Message----- > > > > From: Eric Norman [mailto:[email protected]] > > > > Sent: Tuesday, September 14, 2010 6:42 PM > > > > To: [email protected] > > > > Subject: Re: [sling explorer] Form based auth with IE to no > > > avail :-( > > > > > > > > > > > > Maybe check if IE is getting/sending the sling cookie on the > > > > second request. > > > > > > > > On Sep 14, 2010 9:36 AM, "Clemens Wyss" > > > <[email protected]> wrote: > > > > > > > > Sling Explorer does form based authentication, which works > > > > fine(*) with FF, > > > > Safari and Chrome. Unfortunately neither on IE6 nor on > > IE8 it works. > > > > Debugging revealed that the POSTed form data to > > '/j_security_check' > > > > is equal. Nevertheless if I gather the > > Sling.getSessionInfo() after > > > > the aforementioned POST on IE I get the anonymous "credentials", > > > > whereas on the other browsers I get the expected credentials. > > > > What could possibly be the reason herefore? > > > > > > > > Thx for you help/hints > > > > -- Clemens > > > > > > > > > >
