Hi Michael,

Our password reset process forces the user to log off, which deletes the 
granting cookie, but a new one is generated when the user connects again with 
the old password.

I found that disabling the OpenLdap pool option in the deployerConfigContext 
solves the problem:

        ...
        <bean id="OpenLdapContextSource"
              class="org.springframework.ldap.core.support.LdapContextSource">
                <property name="pooled" value="false"/>
        ...

Any ideas?

Cheers, Javier.


_________________________________________
Javier Trapero.
Web Application Developer - Interactive Media Team
The Natural History Museum
Cromwell Road
South Kensington
London SW7 5BD
-----Original Message-----
From: Michael Ströder [mailto:[email protected]] 
Sent: 18 September 2009 15:24
To: [email protected]
Subject: Re: [cas-user] password cache?

Scott Battaglia wrote:
>> On Thu, Sep 17, 2009 at 11:09 AM, javier <[email protected]
>> <mailto:[email protected]>> wrote:
>> We have been using CAS for a weeks and just noticed that if the user
>> changes his password he's able to log in with the new and the old
>> password till the tomcat instance where CAS is running is restarted.
>
> What are you using?  LDAP?

The question is whether the CAS ticket granting cookie was invalidated after
the password change. If not, then yes, the CASTGC is just (re-)used to create
another service ticket.

Ciao, Michael.


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
