On May 12, 2009, at 12:33 PM, rrakesh wrote:
Thanks for posting your thoughts and answers to the questions.
Isn't the ticket expiration should work the same way as Single Sing
Out,
meaning cas-server sends message back to the services with
"logoutrequest",
right.
But I am not seeing it on the CAS-SERVER side logs.
Or May be I misunderstood the way the ticket expiration works.
From what I understand, the single sign out part has nothing to do
with the time limit on the TGT. In order to invoke single sign out,
you actually have to go to the /logout URL using the browser that has
the CASTGC (or present the TGT via the web service).
The time limit of the TGT just keeps new STs from being granted using
that TGT if the time limit is expired.
-lucas
Johan Reinalda wrote:
If I understand what you're saying, then this is not a CAS problem,
but
the
behaviour of your APP1.
It has it's own 'session', probably a browser cookie, that needs to
time
out
before it will ask you to login again (and than direct you to the cas
login
page.)
Simply leaving the APP1 page and coming back doesn't seem to do that
(unless
you add some mechanism to force logout upon leaving the site.)
Johan
----- Original Message -----
From: "rrakesh" <[email protected]>
To: <[email protected]>
Sent: Tuesday, May 12, 2009 10:29 AM
Subject: [cas-user] Setting grantingTicketExpirationPolicy, does not
expire
the session
I got two applications App1 and App2 which are casified. Login in
one
application does sso into other application and the same thing
with the
sign
out functionality, logging out of APP1 or APP2 logs me out from
the other
application APP2 or APP1 respectively.
Now I am trying to configure the "grantingTicketExpirationPolicy"
the
bean
declared in "ticketExpirationPolicies.xml" to 5 seconds. And after
log-in
in
APP1 and sitting on a secured page for a while and trying to
accessing
the
APP2 secured page shows me log-in page. But at the same if I can
travel
back
tot my APP1 secured page which does not show me log-in page
instead it
gives
me access to the secured page.
Am I missing some thing here form the configuration point while
setting
the
expiration, the reason becase Single Sign out works file between two
applications and CAS server.
Thanks
RR
--
View this message in context:
http://www.nabble.com/Setting-grantingTicketExpirationPolicy%2C-does-not-expire-the-session-tp23506700p23506700.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
View this message in context:
http://www.nabble.com/Setting-grantingTicketExpirationPolicy%2C-does-not-expire-the-session-tp23506700p23508914.html
Sent from the CAS Users mailing list archive at Nabble.com.
--
You are currently subscribed to [email protected] as: [email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
