Once you have identified yourself to Raven during a browser session then Raven can remember who you are so that you can be identified to new sites without having to re-enter your user-id or password (unless the new site demands this). Login options let you modify this behaviour, either for the current login session while logging in or as defaults for future sessions from the Account Management page.
- Login radio buttons
- You have four options:
- don't login to Raven: the Raven server won't do anything to remember you and you'll have to provide your user-id and password again if another web site asks Raven to identify you. Selecting this stops Raven from trying to set the cookie it normally uses to implement login. This option makes no sense, and isn't available, if you are explicitly login to Raven from the Raven front page.
- login, but confirm before authenticating to new sites: the Raven server will set a cookie to remember who you are, but will ask you for confirmation before passing on your identity to further web sites.
- login and automatically authenticate to new local sites: the Raven server will set a cookie to remember who you are, and will automatically pass on your identity to additional web sites only if they are local (e.g. they use hostnames in ending cam.ac.uk). For all other sites it will first ask for confirmation. This provides additional convenience at the expense of a small loss of privacy.
- login and automatically authenticate to new sites: the Raven server will set a cookie to remember who you are and will automatically pass on your identity to any additional web sites if they ask. This provides further convenience at the expense of a larger loss of privacy.
- Expire session after
- If you chose either of the login options then this allows you to set an upper limit on how long you want to stay logged-in. This option is not available if you chose not to log in.
You can change the default values used for future sessions from the Account Management Page available on the Raven front page.
If you haven't expressed a preference the default behaviour is to log you in, to automatically authenticate to new local sites (but not to non-local ones) and to expire sessions after 10 hours.
The Raven login facility requires that your browser accepts cookies from the Raven server. If it rejects them then it will be as if you always choose "don't login to Raven". These cookies automatically expire when you quit your browser and only return information to the Raven sever.