Accessing elog via www-ad.fnal.gov can't log in
#1 Updated by Kyle Hazelwood almost 3 years ago
- Status changed from New to Resolved
Using the JSP servlet context was not working with the chablis https redirect. When a user attempted to access the elog via http://www-bd... the chablis server would redirect to https://www-ad. However, the elog never sees the new url context and attempts to redirect the user to http://www-bd after login. The authentication code was rewritten and each jsp page base href was updated to /Elog instead of the iffy servlet context. Hopefully it is now fixed.
#4 Updated by Kyle Hazelwood about 2 years ago
- Status changed from Remission to Resolved
This turned out to be a browser specific problem of interepting the JSESSIONID cookie with trailing backslash. Tomcat was conifugred to add a backslash to the domain name in cookies it creates. Chrome, IE, and possibly IOS browsers sometimes did not recognize this as the same domain as cookies they already had thus not keeping the user logged in. The fix was to configure tomcat in the projects Context XML (Elog.xml) to not add the backslash. I also rewrote the authentication scheme to use a servlet instead of a filter to make it less complicated.