You define an expiration policy, as it's documented to let the TGT never expire, and by extension your AT would not then expire.
...which is a very very bad idea by the way. Switch to a version that gets you that functionality (separate ATs from TGTs) instead in a more reasonable way. On Wednesday, October 19, 2016 at 9:08:47 AM UTC+3:30, Daniel Kyuheon Shim wrote: > > Hi, > > I'm following CAS project 4.2.x branch to use an access token and tgt. > > In this branch, it seems refresh token is not supported. > > So, for development purpose, I want to make a non-expiring access token. > > However, the access token's expiration is related to tgt expiration policy. > > /oauth2.0/profile api is checking the access token is expired or not using > tgt.isExpire() ( > https://github.com/apereo/cas/blob/4.2.x/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20ProfileController.java > ) > > I think tgt is not expired then the access token is not expired. > > Could you please let me know how to make tgt is not expired? > > > Thanks, > Daniel > -- CAS gitter chatroom: https://gitter.im/apereo/cas CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html CAS documentation website: https://apereo.github.io/cas CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/8129b4ea-b4f2-460d-9129-503c548ae6bb%40apereo.org. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
