At my company we experience such issue. It is in our TODO list, as soon as someone will have time to look into it. It's not considered as major bug. We have found that after successful authentication, obtaining ST from CAS user is correctly logged to service. That's okay. But when we restart that service, or in any other way clear it session storage we have an situation: service cannot recognize user (no session/session cleared) and CAS considers user as authenticated. Service redirects to CAS, and CAS redirects back to service. Jérôme, could you give us a hint, where is the best place to handle this situation? Client side, or CAS core? From my point of view the class that extends CentralAuthenticationService should take care of ST validation. Service couldn't provide valid ST, as user don't even have valid session. We're using CAS 3.5.2 Best regards, Augustyn
On 31 December 2013 09:19, Jérôme LELEU <[email protected]> wrote: > Hi, > > It's a question that should be asked on the cas-user mailing list. > > After a successful authentication, the CAS server will grant a service > ticket to the application which will validate it against the server. After > this successful validation, the web session should store that the user is > authenticated. > > Do you keep the same web session ? Are your service tickets successfully > validated on the CAS server ? > > Thanks. > Best regards, > Jérôme > > > > 2013/12/30 Mitchell Beaufeaux <[email protected]> >> >> I am getting a "too many redirects" error from my web application when CAS >> tries to authenticate. When navigating between pages, it seems to redirect >> back and forth between the CAS login and the intended destination repeatedly >> until the browser throws the "too many redirects" error. It doesn't happen >> every time and there is no pattern to when it happens. >> >> The application uses a load balancer to distribute traffic across multiple >> servers. My hunch is that this might be contributing to the redirect loop. >> Although I'm not sure exactly how. It seems like the authentication ticket >> created by the CAS login is lost at some point. >> >> Has anyone encountered a similiar problem before or know of a solution? >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
