Hi everyone.
I'm looking in CAS's documents for something similar to the "cookie usage
policy". You know, the typical page where you inform to users who will be
login in CAS, about the cookie treatment and their personal data.
The only that I could found was these
links:
https://apereo.githu
Jack
Where do you see this comment 'CAS Cookie"?
Ray
On Sat, 2020-03-14 at 01:15 -0400, Jack wrote:
How to change CAS Cookie Comment from "CAS Cookie" to "MyEDU SSO Cookie" ?
Name can be changed, but the question is about the comment.
Thanks!
--
Ray Bon
Programmer Analyst
Development Service
How to change CAS Cookie Comment from "CAS Cookie" to "MyEDU SSO Cookie" ?
Name can be changed, but the question is about the comment.
Thanks!
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: htt
Hi all,
While I do agree that allowing CAS session after browser close is very much
a security vulnerability and would suggest against it, there is indeed a
config to allow such thing to happen:
https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties.html#ticket-granting-cooki
You can enable the remember me feature from CAS if that solves the problem.
On Sat, 21 Sep 2019, 12:46 am Ray Bon, wrote:
> Merve,
>
> Allowing CAS session after browser close would be a HUGE security
> vulnerability. Do not try to get around this, do not even think about it.
>
> Ray
>
> On Fri,
Merve,
Allowing CAS session after browser close would be a HUGE security
vulnerability. Do not try to get around this, do not even think about it.
Ray
On Fri, 2019-09-20 at 05:42 -0700, merve ceylan wrote:
Hi,
The application will register how the user reads from the cas's database. After
log
No, you can't put a timeout on it. That's now how session cookies work.
Again, if you want an application to stay logged in across browser
invocations, that is the application's responsibility.
I do not understand what you mean by "the application will register how the
user reads from the cas's da
Hi,
The application will register how the user reads from the cas's database.
After logging into the cas application with casuser without connecting the
application, I close the browser and it is automatically logout. Is this
Cas's working mechanism? Can't we put a timeout for that?
Thanks,
2
That's how it's supposed to work. The CAS cookies are session cookies. When
you end the session (close your browser), the cookies are deleted.
Managing application sessions is outside of CAS' scope. If an application
wants to stay logged in across browser sessions, then that application
should hav
Hello,
After logging in with cas, when I close the browser and open it again, it
becomes a logout and the login screen appears again. Session closes and the
cookie is deleted. What should I do to avoid logout when I close the
browser?
Thanks,
--
- Website: https://apereo.github.io/cas
- Gitt
10 matches
Mail list logo
