Hi, I have a working CAS server (version 3.2) that uses SPNEGO,X509 certificates and JAAS Autentication against kerberos (login creedentials view). When a TGT is expired due TimeOutPolicy (default time 2 hours) the full autentication flow is not triggered and user ends in the login creedentials form. My problem is that regulars users (80% of staff) does not have creedentials enabled, they use certificates and/or SPNEGO authentication.
We are using a workaround of closing the browser and trying again an access to the application then a correct login flow is executed and user log into the application using SPNEGO or certificates. Is there a method to prevent this behaviour when TGT expires? Our security policies does not allow us to extend TGT timeout policy Is issue CAS-686 related to this? thanks in advance. -- Saludos. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
