Hi, I'm a committer for DSpace [1] (a Java servlet) and I'm working on a bug [2]. This bug presents with the following symptoms:
1) user searches site, finds an item of interest, attempts to access the item, but is not currently logged in, so is presented with a "please enter password" challenge; 2) user chooses to authenticate via Shibboleth and is passed on to a Shibboleth IdP for authentication 3) user authenticates successfully 4) user is returned to the home page of the site, instead of the item previously requested DSpace stores the previously-visited URL in the session. I can see the JSESSIONID cookie at step 1 above. At step 4, the JSESSIONID is new. In other words, the previous session (with the previous URL information) is discarded. I suspect that there is some setting for Tomcat7 I'm missing, Is there some way to tell Tomcat to allow these sessions to persist during the roundtrip to the Shibboleth IdP and back? --Hardy [1] http://dspace.org [2] https://jira.duraspace.org/browse/DS-570 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
