RT 4.4.2 & CAS authentication & "History..."

jcsrt · January 24, 2019, 11:58pm

I have a RT 4.4.2 server with CAS external authentication, running well, however occasionally when a user selects a ticket the History section fails to load. displaying “History…”

in the browser i receive a:
Access to XMLHttpRequest at '" (redirected from ‘/Helpers/TicketHistory?id=XXXXX’) from origin ‘’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

if a user refreshes the RT home page and returns to the ticket page the history will load normally.

Since it works some of the time i’m currently pursuing this as a CAS ticket expiration issue but i’m not sure where to investigate further.

Anybody have a quick fix?

jamyotte · October 21, 2019, 2:04pm

Sorry to revive an older topic…

Did you find a resolution to this issue? We’re working with a similar setup and seeing the same issue with our current configuration.

Thanks!

jamyotte · October 21, 2019, 7:46pm

For anyone who may come across this, the solution for us was to ensure that there is a CASScope directive, for mod_auth_cas, set to “/” in the Apache configuration for RT.

jcsrt · September 18, 2020, 8:02pm

I didn’t see this a year ago, i had managed to work around the issue by extending the cas timeout but that just led to less frequent issues. Trying your fix, would be great to have this entirely sorted.