Thank you John,
2014-08-22 19:38 GMT+02:00 John Gasper <jgas...@unicon.net>: > Hey all, > > I wanted to share an issue I found and the fix so that perhaps someone in > the community can benefit. Moodle's CAS auth code (in version 2.6 and > likely others) request a gateway authN request immediately before > requesting the standard authN request. In theory this causes two Java web > sessions to be created and ended, but in some cases (when the request and > responses have little latency) the first session hasn't ended yet because > it's on a 2 second delay before exploding. > > In this latter case, the Login form is shown and the session expires while > the user is typing in their credentials. > > The fix from the CAS Server side is actually pretty simple. In the > cas-servlet.xml file, the terminateWebSessionListener bean's > timeToDieInSeconds property needs to be set to zero (0), like this: > > <bean id="terminateWebSessionListener" > class="org.jasig.cas.web.flow.TerminateWebSessionListener" > > p:serviceManagerUrl="${cas.securityContext.serviceProperties.service}" > p:timeToDieInSeconds="0" /> > > Then the session dies immediately after the webflow ends instead of > waiting two seconds. I don't know if there is a down side to making this > change or not, but so far it has worked for two client applications (one > Moodle and one was custom). > > If someone wants to see a detailed explanation of what is going on, then > you can see my blog posting at > https://www.unicon.net/about/blog/moodles-race-with-cas-server. > > -- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > vallee.rom...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user