EPrints Technical Mailing List Archive

Message: #01471

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Re: EPrints webserver authentication, skipping authentication?

Firstly, it depends on what you mean by "another broswer": if you open another Chrome, Firefox, or IE window, it just reuses the same core process, with another GUI.... so its actually the same as opening another tab.
It depends, to a certain extent, on how the external Shibb authentication was done - but my experience of it (a few years ago now) was that Shibb sets a cookie, which is global for the browser - so the same behaviour would happen for any other service that uses the shibb system (which is where I noticed the behaviour)
You'll also find that if you log out of the service, but don't close the browser, you'll probably be logged in again automagically when you return to the site again. 

On 22/01/13 15:14, Jose Martin wrote:

Hi,

Has anyone implemented EPrints webserver authentication as in
http://files.eprints.org/738/?

I have integrated a 3.3.10 repository with an external Shibboleth
authentication system, but it seems that once a session is successfully
started, you can launch another browser and upon clicking “Login”, it
will “steal” the other browser’s session and display the “Manage
deposits | Profile...” options.

Apparently, it reuses the login ticket from the former, valid session.

Has anyone noticed this behaviour as well?





--

Ian Stuart.
Developer: ORI, RJ-Broker, and OpenDepot.org
Bibliographics and Multimedia Service Delivery team,
EDINA,
The University of Edinburgh.

http://edina.ac.uk/

This email was sent via the University of Edinburgh.

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.