If your users redirect to CAS and then don't enter their credentials for hours, then there really isn't much we can do about that. I'm not sure why your users would do that. Your only choice is to switch the web flow from the session based storage to request based storage then.
Cheers, Scott On Fri, Jul 10, 2009 at 10:12 AM, Krishna <[email protected]> wrote: > Thanks Scott for your immediate reply. > > Currenly our CAS server session timeout is been set to 30mins and I can > increase it if required. I think issue will still remain if I increase CAS > server session timeout. It's possible that user might not enter on login > screen, but does something else by the time and come back to enter > credential after couple of hours. Then the issue will still be there. > > Do we have need to set same session timeout for CAS server and all the > other application using CAS server for authentication? > > Krishna > > > > > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
