Hi, Misagh, Thanks, but, I was not talking about ticket timeout, etc.
I extended CAS login flow, so that a first-time user will be required to change password, confirm his email address, etc., before he is authenticated successfully by CAS. If the user stops in the middle of the login flow, the app. does not timeout. He can go away for an hour and come back, everything still works. I was surprised by that, I thought my idle session timeout 15 minutes would have taken effective, and user will be redirected to login page, after he is gone for an hour and then attempts to continue on the flow. Do you have any insights into this? Thanks, Yan On Monday, July 25, 2016 at 5:27:26 PM UTC-4, Misagh Moayyed wrote: > > That's not how it works. See > https://apereo.github.io/cas/4.1.x/installation/Configuring-Ticket-Expiration-Policy.html > > > On Monday, July 25, 2016 at 12:17:17 PM UTC-7, Yan Zhou wrote: >> >> Hi there, >> >> I have a CAS 4.1.9 overlay setup, below is a section of my web.xml. CAS >> app should timeout in 15 minutes, but it does not. >> >> On the login page, I waited for 20 minutes, I can still login, CAS does >> not timeout. >> >> How can I debug this? >> >> <session-config> >> <session-timeout>15</session-timeout> >> <cookie-config> >> <name>CASSESSIONID</name> >> </cookie-config> >> </session-config> >> >> >> Thx, >> Yan >> >> >> >> >> -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/05b0d01b-540c-408a-9dea-2171fa0c94fa%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
