Ok, never mind. It appears CAS is very sensitive to certificates. I can use CAS to login into a casified app on my test server, neither session time out or single sign out will work.
If I put the same app on an official dev server (behind a proxy / the same proxy our cas server is behind with real certs) then session time out and single sign out both work as advertised. I swear I watched the CAS server log file and didn't see any SSL like errors when running my app on my personal test server. I just need to remember that I need to run on real servers when testing. I am going to go back through the logs and see if I can find the error so I can tell other developers what to look for when things don't work like they expect. ________________________________________ From: Bryan Wooten [[email protected]] Sent: Tuesday, November 30, 2010 9:05 AM To: [email protected] Subject: [cas-user] Question about Single Signon Session Timeout I followed the instructions here: https://wiki.jasig.org/display/CASUM/HOWTO+Configure+Single+Sign+On+Session+Timeout and set the timeout policy to 1 minute (60000). However after I enter my test app and wait one minute (or more) when I hit refresh I am not prompted to login. Also I can open a new Tab (Firefox) and when I hit my main cas login page it also says I am still logged in. It seems my setting the session timeout has had not effect. Am I missing something? Oh yeah CAS 3.4.3.1 server and CAS 3.1.10 Client. I have all the filters configured in the client. Thanks, Bryan -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
