On Fri, Feb 11, 2011 at 18:49, Jean Alex Jean Louis philippe <[email protected]> wrote: > Thank you for your reply. > > I understand your answer. However this means that from a system standpoint, > it is impossible to have an idle timeout when using CAS because CAS will > automatically send a logout service ...! > > My question is: Is there any solution to meet this need? > > I thought about changing the behavior of CAS to send an HTTP request to the > service, to check if the session related to the current ticket is expired, > before sending the logout request. But we also have Apache as CAS client, my > solution works only for Java applications.
Not a solution but a possible workaround for mod_auth_cas is to set CASTimeout to 15 or 20 minutes to prevent the session from going stale. That won't help if the user is idle for an hour but there is a workaround for that too: include a hidden <iframe> on each page that refreshes every once in a while. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
