Akash, The TGT is the server side session identifier; the SSO session. 4m is short. Given that the service ticket life is longer, it is possible that a service will try to validate it [and fail] after 4m; requiring the user to re-authenticate. It is possible that the minimum TGT lifetime has changed. I use 2m on my local to make testing easier. It is also possible that the ticket store has limits (we use hazelcast).
If you are planning to use single logout, the TGT may be purged prior to your services sending a logout request; thus preventing SLO. Is this for testing or production? What are you trying to achieve with a short SSO session length (there may be an alternative method)? What is the minimum time that is stored? Ray ________________________________ From: 'Akash Mohapatra' via CAS Community <[email protected]> Sent: November 24, 2025 07:51 To: CAS Community <[email protected]> Subject: [cas-user] How to set ttl for ticket created in DynamoDB Hello All We are using CAS 7.1.3 using DynamoDB storage. We are facing a challenge where any ticket (TGT) entry in CAS_TICKETS table while creating ticket using CAS , writes default value to TTL. We have mentioned in application.properties in below way: cas: ticket: st: time-to-kill-in-seconds: PT5M # 5 min numberOfUses: 10 tgt: primary: time-to-kill-in-seconds: PT3M # 3 minutes max-time-to-live-in-seconds: PT4M # 4 minutes With this, any ST entry in CAS_TICKETS is writing correct value as 300 secs (PT5M) as mentioned in application.properties but TGT entries still dont override the value given PT 4M (240 secs). Any suggestions or guidance is highly appreciated here. Thank you Akash -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/427aea57-06dd-4ec8-acba-c52ebbd03dbdn%40apereo.org<https://groups.google.com/a/apereo.org/d/msgid/cas-user/427aea57-06dd-4ec8-acba-c52ebbd03dbdn%40apereo.org?utm_medium=email&utm_source=footer>. -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/YQBP288MB0081FDFEA1EAB7CBB201AAAECED0A%40YQBP288MB0081.CANP288.PROD.OUTLOOK.COM.
