If I understand what you're saying, then this is not a CAS problem, but the
behaviour of your APP1.
It has it's own 'session', probably a browser cookie, that needs to time out
before it will ask you to login again (and than direct you to the cas login
page.)
Simply leaving the APP1 page and coming back doesn't seem to do that (unless
you add some mechanism to force logout upon leaving the site.)
Johan
----- Original Message -----
From: "rrakesh" <[email protected]>
To: <[email protected]>
Sent: Tuesday, May 12, 2009 10:29 AM
Subject: [cas-user] Setting grantingTicketExpirationPolicy, does not expire
the session
I got two applications App1 and App2 which are casified. Login in one
application does sso into other application and the same thing with the
sign
out functionality, logging out of APP1 or APP2 logs me out from the other
application APP2 or APP1 respectively.
Now I am trying to configure the "grantingTicketExpirationPolicy" the bean
declared in "ticketExpirationPolicies.xml" to 5 seconds. And after log-in
in
APP1 and sitting on a secured page for a while and trying to accessing the
APP2 secured page shows me log-in page. But at the same if I can travel
back
tot my APP1 secured page which does not show me log-in page instead it
gives
me access to the secured page.
Am I missing some thing here form the configuration point while setting
the
expiration, the reason becase Single Sign out works file between two
applications and CAS server.
Thanks
RR
--
View this message in context:
http://www.nabble.com/Setting-grantingTicketExpirationPolicy%2C-does-not-expire-the-session-tp23506700p23506700.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
