Uploaded image for project: 'jboss.org'
  1. jboss.org
  2. ORG-3250

jboss.org SSO server has problems with gateway mode if cookie with expired TGT is provided

    XMLWordPrintable

Details

    • 5
    • ORG-Sprint 11

    Description

      Based on ticket from one user I did investigation and it seems that SSO gateway mode does not work correctly if browser sends SSO cookie with expired TGT.

      Login page is shown to the user in this case, and "Red Hat" social login provider do not work on it.

      I was able to reproduce the problem in Chrome with use of https://issues.jboss.org/browse/JBIDE-18700 url. Common chrome window showed me login page (even gateway param was in login url), but new window in incognito mode correctly showed the jira issue with not logged in user.

      Only difference was that SSO cookie with expired token has been sent by common window.

      Attachments

        Activity

          People

            velias@redhat.com Vlastimil Eliáš
            velias@redhat.com Vlastimil Eliáš
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: