Scott, I have more information. The log says that it revoked the ticket. In the code it says that this means that "This didn't resolve to a ticket in the TicketStore. Revoke it.". I'm not sure why this would happen to a valid ticket. Any insight?
Amanda On Wed, Apr 18, 2012 at 9:18 AM, Amanda Buczkowski <[email protected]>wrote: > Scott, > > We do have a lot of AJAX calls going on behind the scenes, but we don't > have any on a timer. We did add a refresh header to a 'KeepSessionAlive' > page that is included in the master page. The Page_Load event contains the > following code "Response.AddHeader("Refresh", > Convert.ToString((Session.Timeout * 60) - 120));" I checked, and the > Refresh is set to 478, so I don't think that this is causing the problem. > I was able to duplicate it after letting it sit there for an hour and a > half. > > The problem has occurred in Chrome and Firefox. (both the latest version) > I can't confirm that it hasn't happened in IE, but most of our users are > not using IE. We really don't have any cookies besides the SessionId > cookie and the Auth cookie. > > Amanda > > On Tue, Apr 17, 2012 at 9:43 PM, Scott <[email protected]> wrote: > >> Hi Amanda, >> >> The CasAuthenticationModule is essentially passive. Just as with Forms >> Auth without the CAS client, the Forms Authentication timeout property and >> the slidingExpiration property are the only things that would affect the >> authenticated state of a user over time. >> >> Forms Authentication will generally redirect to the login page when the >> user attempts to navigate to a URL or invoke a service that requires >> authentication or where the user isn't authorized to access the resource. >> Do you have any kinds of AJAX calls going on behind the scenes, most >> likely ones that are running on a timer? Anothing thing to look into is >> whether it's specific to particular browsers. By any chance, is your site >> generating lots of cookies unrelated to authentication? >> >> Also, keep in mind that session state and forms authentication are >> separate. If you are using the Session to store security-related >> information, you should invalidate the forms authentication ticket when the >> session expires or is terminated and vice-versa. >> >> -Scott >> >> On Tue, Apr 17, 2012 at 2:11 PM, Amanda B <[email protected]> wrote: >> >>> I'm using the .Net Cas Client, and I'm having a problem where the user >>> is redirected to the CAS screen after sitting idle for a period of time. >>> (it's difficult to tell how long this time period is, but I was able to >>> reproduce it after waiting an hour) >>> >>> Instead of serviceName, the url parameter is ReturnUrl and it does not >>> contain the server url. I set the Forms authentication timeout to 480, >>> (the session timeout is also 480), so I don't understand why this is >>> happening and more importantly, I don't know how to fix it. Any help would >>> be appreciated. >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > > > -- > Amanda Buczkowski > Lead Software Developer > Back Office Support Systems > > -- Amanda Buczkowski Lead Software Developer Back Office Support Systems -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
