Setting maxAge=-1 will result in cookie expiry at end of session. I have this in my config but it may be for 5.1:

    # default is P14D
    # used to set maxAge on user selection of remember me at login
    # it is always set regardless of user choice; this is a bug to investigate
    # file: https://github.com/apereo/cas/blob/5.1.x/support/cas-server-support-cookie/src/main/java/org/apereo/cas/web/support/CookieRetrievingCookieGenerator.java
    cas.tgc.rememberMeMaxAge=-1

I have not had time to investigate this and my note is not entirely clear.

With rememberMeMaxAge=-1, the user can still have an 8 hour session (timeToKillInSeconds=28800) as long as the browser stays open. TGT lifetime takes priority, thus setting TGC to 1 month and TGT to 8 hours will result in user having to log in after 8 hours.

Ray

On Tue, 2018-04-17 at 01:19 -0700, Laura wrote:

Hi,

When I examine cookie information after logging in with Remember Me, there is a TGC cookie with an expiry date 'at end of session'. From my understanding, it should show the expiry date (1 month from now). Which implies that my CAS remember me config is not correct. I am very new to CAS so my understanding might be incorrect.

Thanks,

On Monday, April 16, 2018 at 5:40:37 PM UTC+1, rbon wrote:

Laura,

Are you saying that when your client application's session ends, it sends a logout request to CAS? The settings for CAS only affect the ability to participate in SSO sessions. It has nothing to do with the client application. The client should _not_ send logout to CAS when its session ends, it may when the user chooses to log out.

Ray

On Mon, 2018-04-16 at 08:12 -0700, Laura wrote:

Hi,

I have been trying to implement Remember Me functionality in our CAS application. However it doesn't work and I am not sure why. From the logs, I can see that the cookie is created.

    DEBUG [org.apereo.cas.web.support.CookieRetrievingCookieGenerator] - <Locating request parameter [rememberMe] with value [true]>
    DEBUG [org.apereo.cas.web.support.CookieRetrievingCookieGenerator] - <Is this request from a remember-me authentication event? [yes]>
    DEBUG [org.apereo.cas.web.support.CookieRetrievingCookieGenerator] - <Creating cookie [TGC] for remember-me authentication with max-age [1209600]>

The user gets authenticated fine; however, the user gets logged out when the session expires. Here are the relevant properties. I set cas.tgc.secure to false for the local environment only.

    cas.tgc.maxAge=-1
    cas.tgc.name=TGC
    cas.tgc.secure=false
    cas.tgc.httpOnly=false
    cas.tgc.rememberMeMaxAge=1209600
    cas.tgc.path=/cas
    cas.tgc.domain=/cas
    cas.ticket.tgt.rememberMe.enabled=true
    cas.ticket.tgt.rememberMe.timeToKillInSeconds=28800

Could someone point me in the right direction? I did read the documentation but I'm still unsure if all my properties are correct or if I need to do anything else. Let me know if you need more information about configuration, logs etc.

Thanks.

Laura

--
Ray Bon
Programmer analyst
Development Services, University Systems
2507218831 | CLE 019 | [email protected]
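
The rule stated in the top reply (a negative max-age makes the TGC a session cookie, and the TGT lifetime takes priority over the cookie lifetime), applied to the properties posted in the original question. This is an added example, not part of the thread and not CAS code; the function names and the simplified model (the remember-me session ends when the cookie or the ticket expires, whichever comes first) are assumptions.

```python
# Added illustration, not CAS code. Assumed model: a remember-me SSO session
# ends when either the TGC cookie or the TGT expires, whichever comes first.

# Remember-me properties as posted in the original question.
POSTED = """
cas.tgc.maxAge=-1
cas.tgc.rememberMeMaxAge=1209600
cas.ticket.tgt.rememberMe.enabled=true
cas.ticket.tgt.rememberMe.timeToKillInSeconds=28800
"""


def parse_properties(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props


def remember_me_window(props):
    """Return (seconds, limiting_factor, survives_browser_restart)."""
    cookie_age = int(props["cas.tgc.rememberMeMaxAge"])
    tgt_ttl = int(props["cas.ticket.tgt.rememberMe.timeToKillInSeconds"])
    if cookie_age < 0:
        # Session cookie: lives while the browser is open, so only the
        # TGT bounds the session, and closing the browser ends it early.
        return tgt_ttl, "TGT", False
    if tgt_ttl <= cookie_age:
        # Cookie outlives the ticket: the browser still sends the TGC, but
        # the ticket it refers to has expired, so the user must log in again.
        return tgt_ttl, "TGT", True
    return cookie_age, "TGC", True


if __name__ == "__main__":
    seconds, limit, persistent = remember_me_window(parse_properties(POSTED))
    print(f"re-login after {seconds / 3600:.0f} h, limited by {limit}, "
          f"survives browser restart: {persistent}")
```

With the posted values the 14-day cookie is capped by the 8-hour TGT, so lengthening remember-me means raising `timeToKillInSeconds` as well as the cookie max-age.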
