Educause Security Discussion mailing list archives

Re: Interesting "caching" problem - anyone using a Gmail "channel" in Ellucian's "Luminis" portal??


From: Panagis Syrigos <syrigos () UMICH EDU>
Date: Mon, 4 Aug 2014 10:40:28 -0400

Hi,



Can you run those browsers in “in private” for IE, or “incognito” for
Chrome? I’ve found that the cookie is gone after a private/incognito
session is closed.



Thanks,

Panagis



------------------------------

Panagis Syrigos

Systems Administrator II

Library Systems

Library Security Coordinator

University of Michigan Library

(734) 615-6174

------------------------------

And on the 8th day God said, "Ok Murphy, you take over."



*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* SCHALIP, MICHAEL
*Sent:* Monday, August 04, 2014 10:05 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Interesting "caching" problem - anyone using a
Gmail "channel" in Ellucian's "Luminis" portal??



Interestingly – Google’s first inclination was to point us back to
Ellucian/Luminis.  We’ve got a ticket open with them, but I get the feeling
that even Ellucian is scratching their heads……(what’s amazing to us is that
we really seem to be the only ones experiencing this, but – that’s a little
hard to fathom….??)



Thanks,



Michael



*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* Jones, Justin
*Sent:* Monday, August 4, 2014 8:01 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Interesting "caching" problem - anyone using a
Gmail "channel" in Ellucian's "Luminis" portal??



Michael-



That is a bummer, and unfortunately Google is the best at security, it
seems.  Do they give a recommendation for how to resolve this, besides
restarting the computer?



Justin



IT Support Developer

Research Support Technical Services (RSTS)

Office of Research Administration

Indiana University

researchadmin.iu.edu



*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* SCHALIP, MICHAEL
*Sent:* Monday, August 04, 2014 9:59 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Interesting "caching" problem - anyone using a
Gmail "channel" in Ellucian's "Luminis" portal??



Hi Justin,



Unfortunately – yes, we have tried this, (in Chrome and IE), but the
problem appears to persist.  According to Google – this persistent cookie
thing is an integral part of their own security model??



M



*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* Jones, Justin
*Sent:* Monday, August 4, 2014 7:55 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* Re: [SECURITY] Interesting "caching" problem - anyone using a
Gmail "channel" in Ellucian's "Luminis" portal??



Michael-



I personally have not seen this, but have you tried forcing the browser to
clear all cached files when the browser is closed?  In Firefox it is
located in Options -> Privacy -> Click the check box:  Clear history when
Firefox closes.  In Chrome, I do not see anything like what is seen in
Firefox, I will play with Chrome some more and report my findings.  In IE:
Go to Internet Options -> Browsing History section under the General Tab
and click Delete browsing history on exit.



Hopefully this will fix the issue you are seeing with Luminis and Gmail.



Thank you-

Justin Jones



Office of Research Administration

Indiana University



*From:* The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of* SCHALIP, MICHAEL
*Sent:* Monday, August 04, 2014 9:46 AM
*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Interesting "caching" problem - anyone using a Gmail
"channel" in Ellucian's "Luminis" portal??



Hi folks,



We have an interesting, yet troubling, problem.  We use Ellucian's
"Luminis" portal as part of our Banner system - and one of the "channels"
that we have on our Luminis portal is directly to Gmail, because we
outsourced our student email to Google about 2 years ago.  What we have
discovered is:

1. "Student A" walks up to an open kiosk system in our Admissions area
and logs in to Luminis with their own credentials

2. "Student A" clicks on the Gmail "channel" in the Luminis portal and
checks their email

3. "Student A" finishes reading their email and just closes the active
window, (i.e., clicks on the "X" in the upper right corner of the window) and
walks away….

4. Now - "Student B" walks up to the same open kiosk - they open a new
browser window and are prompted to log in to Luminis with their own
credentials

5. "Student B" clicks on the Gmail channel in the Luminis portal to
check their email

6. PROBLEM - what "Student B" finds is that they are NOT in their own
email - in fact, "Student B" has full access to "Student A's" email,
because the cookie left behind by Google with the first student has kept
the session active, even once the browser is closed.



….and the browser doesn't seem to matter.  It works this way in IE, Chrome
- all versions, apparently.



We've run this problem all the way up to Ellucian *and* Google.  Google
says everything is "working as designed" - there's no way to keep the
cookie from remaining resident and active, as long as the system isn't
rebooted.  The only thing that *appears* to work is making the student
explicitly log out of the Luminis session when they are done…..but - since
these systems are set up to be self-service kiosks, there's not always
someone there to remind students to "log off before you leave", so we have
students closing the window thinking that they've "logged off", but the
next student steps up, logs in, and gets the previous student's email.



The problem doesn't seem to occur with any other "channels" - and we've
tried just about everything within the browser, with the Gmail settings,
popup blockers, security settings on the OS, etc.  Ellucian seems to be
very perplexed by our inquiries - seems that no one else is experiencing
this except us….??



Anyone else see or experience anything like this?



Anyone else already *solve* a problem like this?



Thanks for your time and consideration…..



Michael Schalip

Dir, ITS/Customer Support Services

Central New Mexico Community College




-- 
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and
no known threats were found.
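
An added example, not part of any message in this thread: a check a kiosk administrator could run against a copy of a Chrome profile's cookie database after a user closes the window, listing Google cookies that are still usable and purging them. It assumes the `cookies` table columns `host_key`, `name` and `expires_utc` (microseconds since 1601-01-01, 0 for session cookies); the watched domain, cookie names and sample rows are constructed.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
WATCHED = ("google.com",)  # assumption: sessions that must not outlive a kiosk user

def to_chrome_us(dt):
    """Chrome stores cookie times as microseconds since 1601-01-01 UTC."""
    return (dt - CHROME_EPOCH) // timedelta(microseconds=1)

def matches(host_key, domains):
    """True if host_key is a watched domain or one of its subdomains."""
    host = host_key.lstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def lingering(conn, now, domains=WATCHED):
    """Return (host, name, kind) for watched-domain cookies still usable at `now`."""
    cutoff = to_chrome_us(now)
    found = []
    for host, name, exp in conn.execute("SELECT host_key, name, expires_utc FROM cookies"):
        # expires_utc == 0 marks a session cookie; anything later than now is unexpired
        if matches(host, domains) and (exp == 0 or exp > cutoff):
            found.append((host, name, "session" if exp == 0 else "persistent"))
    return sorted(found)

def purge(conn, domains=WATCHED):
    """Delete every cookie for the watched domains; returns the number removed."""
    doomed = [(h, n) for h, n in conn.execute("SELECT host_key, name FROM cookies")
              if matches(h, domains)]
    conn.executemany("DELETE FROM cookies WHERE host_key=? AND name=?", doomed)
    conn.commit()
    return len(doomed)

def sample_store(now):
    """Constructed sample: a kiosk profile after a user closed the window."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cookies (host_key TEXT, name TEXT, expires_utc INTEGER)")
    rows = [
        (".google.com", "EXAMPLE_AUTH", to_chrome_us(now + timedelta(days=14))),
        ("mail.google.com", "EXAMPLE_VIEW", 0),
        (".google.com", "EXAMPLE_OLD", to_chrome_us(now - timedelta(days=1))),
        ("portal.example.edu", "EXAMPLE_PORTAL", 0),
        ("notgoogle.com", "EXAMPLE_OTHER", to_chrome_us(now + timedelta(days=30))),
    ]
    conn.executemany("INSERT INTO cookies VALUES (?,?,?)", rows)
    return conn

if __name__ == "__main__":
    now = datetime(2014, 8, 4, 14, 0, tzinfo=timezone.utc)  # constructed timestamp
    store = sample_store(now)
    print(lingering(store, now), "purged:", purge(store))
```

Run it with the browser closed and against a copy of the profile's cookie file; a non-empty result from `lingering` after the window is closed means the next kiosk user inherits a usable session.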

