IdentityModel / oidc-token-manager


silent renew fails in ie 11 #3

Closed jahanson closed 9 years ago

jahanson commented 9 years ago

Identity server version v2.0.0-build00065
oidc-token-manager version 0.1.2

I'm using the sample provided in the repository. In Chrome 43 silent renew is successful in retrieving a new token through the frame.html indefinitely but when I try it in ie 11 it fails grabbing the new token with the error "login_required".

These are the logs when IE tries to request the new token. If you need more let me know.

w3wp.exe Information: 0 : [Thinktecture.IdentityServer.Core.ResponseHandling.AuthorizeInteractionResponseGenerator]: 5/27/2015 12:00:16 AM +00:00 -- User is not authenticated. Redirecting to login.
w3wp.exe Information: 0 : [Thinktecture.IdentityServer.Core.ResponseHandling.AuthorizeInteractionResponseGenerator]: 5/27/2015 12:00:16 AM +00:00 -- prompt=none was requested. But user is not authenticated.
w3wp.exe Information: 0 : [Thinktecture.IdentityServer.Core.Endpoints.AuthorizeEndpointController]: 5/27/2015 12:00:16 AM +00:00 -- End authorize request
w3wp.exe Information: 0 : [Thinktecture.IdentityServer.Core.Results.AuthorizeRedirectResult]: 5/27/2015 12:00:16 AM +00:00 -- Redirecting to: https://localhost:44304/frame.html#error=login_required&state=4786601193680524
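
How the silent-renew frame should treat a redirect like the one in these logs, as an added example (not code from oidc-token-manager or its sample): it parses the URL fragment, discards any response whose state does not match the value the opener stored, and reports login_required as a request for an interactive login rather than a token. The parentOrigin parameter and the stored-state handling are assumptions, not the library's API.

```javascript
// Added example (not oidc-token-manager code): handle the result that the
// authorization endpoint delivers to the silent-renew frame in the URL
// fragment, e.g. "#error=login_required&state=4786601193680524" as in the
// logs above, or "#id_token=...&state=..." on success.

// Parse "key=value&key=value" from a URL fragment into a plain object.
function parseFragment(hash) {
  const out = {};
  const query = hash.startsWith('#') ? hash.slice(1) : hash;
  if (!query) return out;
  for (const pair of query.split('&')) {
    const idx = pair.indexOf('=');
    const key = decodeURIComponent(idx < 0 ? pair : pair.slice(0, idx));
    const value = idx < 0 ? '' : decodeURIComponent(pair.slice(idx + 1));
    out[key] = value;
  }
  return out;
}

// Classify the frame's callback. expectedState is the value the parent page
// stored before opening the iframe; any other state is ignored so a response
// to a different request (or a replay) cannot refresh this session.
function classifySilentRenew(hash, expectedState) {
  const p = parseFragment(hash);
  if (!p.state || p.state !== expectedState) {
    return { status: 'invalid_state' };
  }
  if (p.error) {
    // prompt=none was sent but the token service saw no session (in this
    // thread: IE did not send the idsrv.* cookies to the iframe).
    // login_required means "fall back to interactive login", not "retry".
    return p.error === 'login_required'
      ? { status: 'login_required' }
      : { status: 'error', error: p.error, description: p.error_description || '' };
  }
  if (p.id_token) {
    return { status: 'ok', idToken: p.id_token, accessToken: p.access_token || null };
  }
  return { status: 'error', error: 'no_token' };
}

// In frame.html, hand the classified result (not the raw fragment) to the
// parent window. parentOrigin is the app's own origin (assumed value); passing
// it as targetOrigin keeps the token from reaching a foreign parent frame.
function reportToParent(hash, expectedState, parentOrigin) {
  const result = classifySilentRenew(hash, expectedState);
  window.parent.postMessage(JSON.stringify(result), parentOrigin);
  return result;
}
```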

jahanson commented 9 years ago

Also, I noticed that cookies were being sent in the authorize request on Chrome and not IE, such as the idsrv.* cookies.

brockallen commented 9 years ago

IE has issues with iframes if the hosting page's origin is in a different zone than the iframe's origin. IOW, IE just might not work as well. There's not much I can do about IE's security policies.

jahanson commented 9 years ago

Can you suggest a fix or work around?

brockallen commented 9 years ago

Well, if that's in fact the problem, then ensure that the web app and token service are in the same IE zones.

jahanson commented 9 years ago

It doesn't seem practical to uproot the authentication service for one app. Thank you, though, for your effort :)

brockallen commented 9 years ago

Right -- and that's what I meant by "not much I can do about IE". I'd double check that this is the problem -- IOW, try to repro it on a test environment with the two servers in different zones.

jahanson commented 9 years ago

It's fairly easy to reproduce: all you have to do is launch the project with the identity server configuration of the off-site server. I reproduced it last night before I submitted the question. I'll have to make it connect through AJAX instead of iframes then, since there's not much we can do about IE's security policies.

brockallen commented 9 years ago

Yep. Ok, can we close this issue now?