Hello all,

I am experiencing a strange issue accessing webseal protected application using Internet Explorer 11.

When I access the application URL (through webseal), webseal prompts for form based authentication as configured. I provide the the login credentials and then webseal opens the backend application login page. Now, at this point, if I refresh the browser URL or press the submit button on the application login page after entering the application credentials, webseal again displays its form based authentication login page (session gone).

I recreated the above mentioned use case from another system running IE 11 and this behavior was not observed. The session worked fine there.

What could possibly be the cause?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

My initial thought would be that the WebSEAL session cookie is for some reason not being stored on IE or not subsequently sent to WebSEAL on the later request so WebSEAL is not able to locate the existing authenticated session for the user, resulting in another authentication prompt.

------------------------------
Phil Goodman
IBM ISAM Support
------------------------------

Original Message:
Sent: Thu January 09, 2020 01:12 PM
From: Jahanzaib Sarwar
Subject: IE 11 killing webseal session

Hello all,

I am experiencing a strange issue accessing webseal protected application using Internet Explorer 11.

When I access the application URL (through webseal), webseal prompts for form based authentication as configured. I provide the the login credentials and then webseal opens the backend application login page. Now, at this point, if I refresh the browser URL or press the submit button on the application login page after entering the application credentials, webseal again displays its form based authentication login page (session gone).

I recreated the above mentioned use case from another system running IE 11 and this behavior was not observed. The session worked fine there.

What could possibly be the cause?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

Hi,

webseal session-id (cookie, PD-ID)is set post authentication. You can check whether the browser is sending back the authenticated webseal session-id (cookie, PD-ID) to webseal after refresh. Chances are that it is dropped by browser and hence webseal challenges for re-login.

Also ensure you set resend-webseal-cookies=yes > https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.2/com.ibm.isam.doc/wrp_stza_ref/reference/ref_resnd_ws_ckies.html

Good to compare with the working IE11 client machine and compare it. You can either use debug logging and/or browser http debugger like fiddler tracing to know where the cookie is dropped.

------------------------------
Prashant Kamat
------------------------------

Original Message:
Sent: Thu January 09, 2020 01:12 PM
From: Jahanzaib Sarwar
Subject: IE 11 killing webseal session

Hello all,

I am experiencing a strange issue accessing webseal protected application using Internet Explorer 11.

When I access the application URL (through webseal), webseal prompts for form based authentication as configured. I provide the the login credentials and then webseal opens the backend application login page. Now, at this point, if I refresh the browser URL or press the submit button on the application login page after entering the application credentials, webseal again displays its form based authentication login page (session gone).

I recreated the above mentioned use case from another system running IE 11 and this behavior was not observed. The session worked fine there.

What could possibly be the cause?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------

Hi,
It is recommended to compare the security patch level for Internet Explorer 11 from client machine and other machines. Seems there is no problem with Webseal session cookie.

------------------------------
Padam Khatana
------------------------------

Original Message:
Sent: Fri January 10, 2020 04:11 AM
From: Prashant Kamat
Subject: IE 11 killing webseal session

Hi,

webseal session-id (cookie, PD-ID)is set post authentication. You can check whether the browser is sending back the authenticated webseal session-id (cookie, PD-ID) to webseal after refresh. Chances are that it is dropped by browser and hence webseal challenges for re-login.

Also ensure you set resend-webseal-cookies=yes > https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.2/com.ibm.isam.doc/wrp_stza_ref/reference/ref_resnd_ws_ckies.html

Good to compare with the working IE11 client machine and compare it. You can either use debug logging and/or browser http debugger like fiddler tracing to know where the cookie is dropped.

------------------------------
Prashant Kamat

Original Message:
Sent: Thu January 09, 2020 01:12 PM
From: Jahanzaib Sarwar
Subject: IE 11 killing webseal session

Hello all,

I am experiencing a strange issue accessing webseal protected application using Internet Explorer 11.

When I access the application URL (through webseal), webseal prompts for form based authentication as configured. I provide the the login credentials and then webseal opens the backend application login page. Now, at this point, if I refresh the browser URL or press the submit button on the application login page after entering the application credentials, webseal again displays its form based authentication login page (session gone).

I recreated the above mentioned use case from another system running IE 11 and this behavior was not observed. The session worked fine there.

What could possibly be the cause?

Regards,

------------------------------
Jahanzaib Sarwar
------------------------------