Issue #863 has been updated by Jeff G.
My original explanation of the issue is wrong. I may have figured out what's happening, but still looking into a fix. If a user is not already authenticated in CAS, they are redirected to login to CAS. I believe the token is consumed during this page load and hence it is expired after they properly authenticate on the page. I'll need to see if the CAS code is sitting before or after the token consumption. ---------------------------------------- Bug #863: Password Token Expiring http://tools.lsc-project.org/issues/863 Author: Jeff G Status: New Priority: High Assigned to: Category: Self Service Password Target version: self-service-password-? It seems the password tokens expire when a new one is requested, even for completely different people. If I request a password reset token for client A, then 5 minutes later for client B, client A will no longer be able to reset their password using the token they were sent. Is this normal? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
