Hello,
If my application's session times out and CAS's SSO session is still valid,
then attempting to access a different Url on my application (by clicking a
link, for example) causes a redirection to /cas/login and back with a new
ticket. All this happens transparently to the user (i.e, not asked to login
again). How is this actually handled by CAS? I guess tomcat creates a new
session when the old one got timed out. That means all the cookies, assertions
etc are all gone and CAS client redirects to CAS server. So, how does CAS
server figure this out (i.e, associate the new session to the user) and not ask
the user to re-login?
Thanks.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
