Palo Alto Global Protect embedded browser + Shibboleth
cantor.2 at osu.edu
Fri Apr 29 20:35:37 UTC 2022
> Not being a programmer, I'm hoping this makes sense to someone with specific knowledge of the logon page
I don't know what Windows is doing underneath, what matters is the HTTP requests it issues. You would need to trace the traffic and identify what it's actually communicating, but my guess is they have a bug and it's not passing the cookie(s) back in. The exception in the log will be explicit about why it broke. "Conversation not found" basically means the cookies didn't get sent, and it will also issue a new JSESSIONID in response also. There's no "API explanation" for that, that's a broken user agent.
More information about the users