The latest Firefox (v 19.0) on a mac. Regards, Danny
On Fri, Mar 1, 2013 at 8:58 AM, Robert Oschwald < robertoschw...@googlemail.com> wrote: > Are you using Firefox ? > Then this bug might be of interest: > https://bugzilla.mozilla.org/show_bug.cgi?id=443354#c48 > > > Am 01.03.2013 um 14:53 schrieb "Ohsie, David" <david.oh...@emc.com>: > > So I guess the next natural questions, based on the observations posted > here are as follows:**** > > 1) If you close your browser and then reopen it, is the MoodleSession > cookie still there, even though it is marked as "Expires: End of Session". > **** > > 2) What browser and version is that?**** > > If the browser is going to hold on to session cookies even when it is > closed, then I'm not sure what you can do…**** > > David Ohsie**** > Software Architect**** > EMC Corporation**** > > > *From:* Danny Sinang [mailto:d.sin...@gmail.com] > *Sent:* Friday, March 01, 2013 6:26 AM > *To:* cas-user@lists.jasig.org > *Subject:* Re: [cas-user] Public computer login and CAS**** > ** ** > Hi David,**** > ** ** > No, I don't have "Remember Me" turned on.**** > ** ** > As for the cache control headers, I clicked on "View Page Info" while on > my secure page (in Firefox) and this is what I saw :**** > ** ** > <image002.jpg> > > For the session cookie, here's what I saw :**** > <image004.jpg>**** > ** ** > Regards,**** > Danny**** > ** ** > On Thu, Feb 28, 2013 at 2:08 PM, Ohsie, David <david.oh...@emc.com> wrote: > **** > Do you have "Remember Me" turned on?**** > **** > If not, it is possible that either the session cookies from your site are > persistent (with an an explicit Expires/MaxAge) or else the cache control > headers are allowing some pages to remain withing the browser cache.**** > **** > *From:* Danny Sinang [mailto:d.sin...@gmail.com] > *Sent:* Thursday, February 28, 2013 12:55 PM > *To:* cas-user@lists.jasig.org > *Subject:* [cas-user] Public computer login and CAS**** > **** > Hi,**** > **** > I noticed that closing and reopening my browser allows me to access > protected webpages on my CASified site.**** > **** > This could be a problem if I logged in from a public computer (internet > cafe, etc).**** > **** > Is there a way to secure against this ?**** > **** > Regards, > Danny**** > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > david.oh...@emc.com > > **** > > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user**** > > ** ** > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > david.oh...@emc.com > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user**** > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > d.sin...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user