Re: Interesting "caching" problem - anyone using a Gmail "channel" in Ellucian's "Luminis" portal??

["SCHALIP, MICHAEL" <mschalip () CNM EDU>]

Hi Justin,

Unfortunately - yes, we have tried this, (in Chrome and IE), but the problem appears to persist.  According to Google - 
this persistent cookie thing is an integral part of their own security model??

M

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jones, 
Justin
Sent: Monday, August 4, 2014 7:55 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Interesting "caching" problem - anyone using a Gmail "channel" in Ellucian's "Luminis" portal??

Michael-

I personally have not seen this, but have you tried forcing the browser to clear all cached files when the browser is 
closed?  In Firefox it is located in Options -> Privacy -> Click the check box:  Clear history when Firefox closes.  In 
Chrome, I do not see anything like what is seen in Firefox, I will play with Chrome some more and report my findings.  
In IE:  Go to Internet Options -> Browsing History section under the General Tab and click Delete browsing history on 
exit.

Hopefully this will fix the issue you are seeing with Luminis and Gmail.

Thank you-
Justin Jones

Office of Research Administration
Indiana University

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of SCHALIP, 
MICHAEL
Sent: Monday, August 04, 2014 9:46 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Interesting "caching" problem - anyone using a Gmail "channel" in Ellucian's "Luminis" portal??

Hi folks,

We have an interesting, yet troubling, problem.  We use Ellucian's "Luminis" portal as part of our Banner system - and 
one of the "channels" that we have on our Luminis portal is directly to Gmail, because we outsourced our student email 
to Google about 2 years ago.  What we have discovered is:
1.      "Student A" walks up to an open kiosk system in our Admissions area and logs in to Luminis with their own 
credentials
2.      "Student A" clicks on the Gmail "channel" in the Luminis portal and checks their email
3.      "Student A" finishes reading their email and just closes the active window, (ie, clicks on the "X" in the upper 
right corner of the window) and walks away....
4.      Now - "Student B" walks up to the same open kiosk - they open a new browser window and is prompted to login to 
Luminis with their own credentials
5.      "Student B" clicks on the Gmail channel in the Luminis portal to check their email
6.      PROBLEM - what "Student B" finds is that they are NOT in their own email - in fact, "Student B" has full access 
to "Student A's" email, because the cookie left behind by Google with the first student has kept the session active, 
even once the browser is closed.

....and the browser doesn't seem to matter.  It works this way in IE, Chrome - all versions, apparently.

We've run this problem all the way up to Ellucian *and* Google.  Google says everything is "working as designed" - 
there's no way to keep the cookie from remaining resident and active, as long as the system isn't rebooted.  The only 
thing that *appears* to work is making the student explicitly logout of the Luminis session when they are done.....but 
- since these systems are setup to be self-service kiosks, there's not always someone there to remind students to "log 
off before you leave", so we have students closing the window thinking that they've "logged off", but the next student 
steps up, logs in, and gets the previous student's email.

The problem doesn't seem to occur with any other "channels" - and we've tried just about everything within the browser, 
with the Gmail settings, popup blockers, security settings on the OS, etc.  Ellucian seems to be very perplexed by our 
inquiries - seems that no one else is experiencing this except us....??

Anyone else see or experience anything like this?

Anyone else already *solve* a problem like this?

Thanks for your time and consideration.....

Michael Schalip
Dir, ITS/Customer Support Services
Central New Mexico Community College


--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and
no known threats were found.

--
This message has been scanned for viruses and
dangerous content by MailScanner<http://www.mailscanner.info/>, and is
believed to be clean.

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and 
no known threats were found.