0001008: CAS: potentlal issues with concurrent requests - SOGo

ID	Project	Category	View Status	Date Submitted	Last Update

0001008	SOGo	Web General	public	2010-11-23 14:25	2011-01-05 20:30

Reporter	~~wsourdeau~~	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	new	Resolution	open

Summary	0001008: CAS: potentlal issues with concurrent requests
Description	Certain user actions in the web interface may trigger many concurrent requests at the same time or at very small time intervals apart. When the CAS ticket has expired, this leads to 2 problems: their will be a race condition as to which request will recover with which ticket. This problem is minor per se. there will be another race condition for setting the "cas-location" cookie, meaning that one request might end up executing the other one after both have authenticated successfully. One possible possible solution would be to identify the "cas-location" cookie with a unique serial number which would be passed back in the CAS fallback request.
Tags	No tags attached.

Date Modified	Username	Field	Change
2010-11-23 14:25	~~wsourdeau~~	New Issue
2010-11-24 16:26	ludovic	Target Version	=> 1.3.5
2011-01-05 20:30	ludovic	Target Version	1.3.5 =>