Sorry for late response on this. Haven’t had a chance to try to reproduce this yet. The main problem of course, is that you are authenticated, but the AJAX request is not being recognized as being authenticated, so it is being redirected to the CAS server to login (or verify login) and since its an AJAX request with the source of ondemand.hpc.nau.edu the case server then rejects it because it is a Cross-Origin Request.
The AJAX request for the file editor is setting this header which is supposed to help with this:
So I’m not sure yet what the next steps are.