Thank you John,
2014-08-22 19:38 GMT+02:00 John Gasper <jgas...@unicon.net>:
> Hey all,
>
> I wanted to share an issue I found and the fix so that perhaps someone in
> the community can benefit. Moodle's CAS auth code (in version 2.6 and
> likely others) request a gateway authN request immediately before
> requesting the standard authN request. In theory this causes two Java web
> sessions to be created and ended, but in some cases (when the request and
> responses have little latency) the first session hasn't ended yet because
> it's on a 2 second delay before exploding.
>
> In this latter case, the Login form is shown and the session expires while
> the user is typing in their credentials.
>
> The fix from the CAS Server side is actually pretty simple. In the
> cas-servlet.xml file, the terminateWebSessionListener bean's
> timeToDieInSeconds property needs to be set to zero (0), like this:
>
> <bean id="terminateWebSessionListener"
> class="org.jasig.cas.web.flow.TerminateWebSessionListener"
>
> p:serviceManagerUrl="${cas.securityContext.serviceProperties.service}"
> p:timeToDieInSeconds="0" />
>
> Then the session dies immediately after the webflow ends instead of
> waiting two seconds. I don't know if there is a down side to making this
> change or not, but so far it has worked for two client applications (one
> Moodle and one was custom).
>
> If someone wants to see a detailed explanation of what is going on, then
> you can see my blog posting at
> https://www.unicon.net/about/blog/moodles-race-with-cas-server.
>
> --
> *John Gasper*
> IAM Consultant
> Unicon, Inc.
> PGP/GPG Key: 0xbafee3ef
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> vallee.rom...@gmail.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
