[EP-tech] Re: EPrints webserver authentication, skipping authentication?
Ian Stuart
Ian.Stuart at ed.ac.uk
Tue Jan 22 15:25:54 GMT 2013
Firstly, it depends on what you mean by "another broswer": if you open
another Chrome, Firefox, or IE window, it just reuses the same core
process, with another GUI.... so its actually the same as opening
another tab.
It depends, to a certain extent, on how the external Shibb
authentication was done - but my experience of it (a few years ago now)
was that Shibb sets a cookie, which is global for the browser - so the
same behaviour would happen for any other service that uses the shibb
system (which is where I noticed the behaviour)
You'll also find that if you log out of the service, but don't close the
browser, you'll probably be logged in again automagically when you
return to the site again.
On 22/01/13 15:14, Jose Martin wrote:
> Hi,
>
> Has anyone implemented EPrints webserver authentication as in
> http://files.eprints.org/738/?
>
> I have integrated a 3.3.10 repository with an external Shibboleth
> authentication system, but it seems that once a session is successfully
> started, you can launch another browser and upon clicking “Login”, it
> will “steal” the other browser’s session and display the “Manage
> deposits | Profile...” options.
>
> Apparently, it reuses the login ticket from the former, valid session.
>
> Has anyone noticed this behaviour as well?
>
--
Ian Stuart.
Developer: ORI, RJ-Broker, and OpenDepot.org
Bibliographics and Multimedia Service Delivery team,
EDINA,
The University of Edinburgh.
http://edina.ac.uk/
This email was sent via the University of Edinburgh.
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
More information about the Eprints-tech
mailing list