Palo Alto Global Protect embedded browser + Shibboleth

[Cantor, Scott]

>    Not being a programmer, I'm hoping this makes sense to someone with specific knowledge of the logon page

I don't know what Windows is doing underneath, what matters is the HTTP requests it issues. You would need to trace the traffic and identify what it's actually communicating, but my guess is they have a bug and it's not passing the cookie(s) back in. The exception in the log will be explicit about why it broke. "Conversation not found" basically means the cookies didn't get sent, and it will also issue a new JSESSIONID in response also. There's no "API explanation" for that, that's a broken user agent.

I would, I suppose, suggest that your workaround would be some kind of Javascript in the login template to try and interfere with it and prevent whatever it might be doing with the enter key, but that's beyond my experience level.

-- Scott