Thanks Marvin, I had found what you referenced below re the services manager, but this is not the services manager that is giving us a problem. I found the redirect in index.jsp but we're experiencing some strange behaviour intermittently when running multiple nodes behind a load balancer. Occasionally we see a 302 redirect to the login page in the browser whilst running test scripts with known user credentials, i.e. we expect login to succeed. I'm wondering if some exception is being thrown and swallowed (nothing in the logs) which is then handled by a redirect back to the login page. Any ideas?
Thanks, Matt ________________________________________ From: Marvin Addison [marvin.addi...@gmail.com] Sent: 30 September 2011 20:06 To: cas-user@lists.jasig.org Subject: Re: [cas-user] Under what conditions does CAS respond with a 302 redirect? > Do you know under what conditions CAS will respond with a 302 redirect to > the /login URL? The only case I'm aware of is the one you implied in your post: accessing the service manager which is itself protected by CAS (ala Spring Security filter chain). > does it simply take the value and set it as the Location header value? > would it perhaps be supplying only /cas/login and the full URL is > constructed by the servlet container? I had to do code review, but it appears the latter. See for yourself: 1. http://git.springsource.org/spring-security/spring-security/blobs/3.0.x/cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationEntryPoint.java 2. https://source.jasig.org/cas-clients/java-client/trunk/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java http://download.oracle.com/javaee/5/api/javax/servlet/http/HttpServletResponse.html#sendRedirect%28java.lang.String%29 indicates that the servlet container knows how to compute an absolute URL from a context-relative one. M -- You are currently subscribed to cas-user@lists.jasig.org as: matt.k...@bskyb.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user Information in this email including any attachments may be privileged, confidential and is intended exclusively for the addressee. The views expressed may not be official policy, but the personal views of the originator. If you have received it in error, please notify the sender by return e-mail and delete it from your system. You should not reproduce, distribute, store, retransmit, use or disclose its contents to anyone. Please note we reserve the right to monitor all e-mail communication through our internal and external networks. SKY and the SKY marks are trade marks of British Sky Broadcasting Group plc and are used under licence. British Sky Broadcasting Limited (Registration No. 2906991), Sky Interactive Limited (Registration No. 3554332), Sky-In-Home Service Limited (Registration No. 2067075) and Sky Subscribers Services Limited (Registration No. 2340150) are direct or indirect subsidiaries of British Sky Broadcasting Group plc (Registration No. 2247735). All of the companies mentioned in this paragraph are incorporated in England and Wales and share the same registered office at Grant Way, Isleworth, Middlesex TW7 5QD. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user