** Security C ** ** Security C ** Dear all : Problem Description : I adapted our system to CAS. On simple environment(standalone), this CASTGC cookie always ok at my browser client. But, when I migrated system to complex environment(haproxy+cluster). my browser always could not found this CASTGC cookie. So, I open HAProxy debug mode and review output log. This CASTGC cookie had arrived to HAProxy, but can't to my browser. For this problem, I don't know how to solve it. Could you help me, thanks!
1.Below image present our SSO Architecture. 2.Below is our configure of HAProxy : cookie JSESSIONID prefix cookie CASTGC indirect preserve secure capture cookie CASTGC len 63 3.Below is our HAProxy's partial debug log : 73/0/1/182/256 302 656 - CASTGC=TGT-98-ADcUE6hsd5zyppApgu76EkEfscDupu9OGFazAMAy9bZPKXGnC --NP 0/0/0/0/0 0/0 "POST /TdaJSFWeb/login?service=http://tdatwo.kh.asegroup.com/TdaJSFWeb/welcome.ase HTTP/1.1" 73/0/1/182/256 302 656 - CASTGC=TGT-98-ADcUE6hsd5zyppApgu76EkEfscDupu9OGFazAMAy9bZPKXGnC --NP 0/0/0/0/0 0/0 "POST /TdaJSFWeb/login?service=http://tdatwo.kh.asegroup.com/TdaJSFWeb/welcome.ase HTTP/1.1" 74/0/0/19/93 302 199 - - --NN 0/0/0/0/0 0/0 "GET /TdaJSFWeb/welcome.ase?ticket=ST-98-w67V0Y3G6Z2yEQwPk0zt-khtrdsso01.kh.asegroup.com HTTP/1.1" Samuel Liang Advanced Semiconductor Engineering Group Tel : 886-7-3636641 # 84508 .Fax : 886-7-3636663 Email Address : [email protected] 2014/08/06 ----- ASE Confidentiality Notice ----- The preceding message (including any attachments) contains proprietary information that may be confidential, privileged, or constitute non-public information. It is to be read and used solely by the intended recipient(s) or conveyed only to the designated recipient(s). If you are not an intended recipient of this message, please notify the author or sender immediately either by replying to this message or by telephone at 886-7-3617131 and delete this message (including any attachments hereto) immediately from your system. You should not read ,retain, disseminate, distribute, copy or use this message in whole or in part for any purpose, not disclose all or any part of its content to any other person. ----- ASE Confidentiality Notice -----
