views:

273

answers:

2

Hi,

we have made an extension to OWA page, connecting to a web application running in Tomcst. The content served by this application is shown in an iframe inside OWA page using isapi. This is working everywhere but in a customer where the session cookies set by OWA (sessionid and cadata ) get deleted as soon as a succesful login is done in the Tomcat application. After this, OWA redirects to its login page. As I said this is happening in only one customer out of about fifty so I guess it cannot be anything with our application but it must be something in the OWA's IIS configuration. The same behaviour is observed both with IE and Firefox. Any idea? Thanks

A: 

Cookies are bound to a specific (sub)domain and path. It sounds like that the login redirects the user to a (sub)domain/path which isn't covered by the cookie. Debug the HTTP headers for sent/received cookies and check the request URL's as well.

BalusC
Thank you for the answer. We have found the issue. The problem was caused by a reference to an unexisiting image file in one of the CSS used by the page opened after a successful authentication by the application in Tomcat ( it was referecing one image file present in OWA 2003 but not in OWA 2007 ). This was causing a 401 error and the customer had a rule in the OWA IIS that made 401 errors be redirected to the OWA logon page , closing the current session.
jlcl
A: 

Thanks for the lead. The unexisting image reference in an email signature was closing a persons OWA session. Like the original post 50 others where ok, except for one person...

Leigh