Hello, Exactly, remember me is a feature to keep the user authenticated for weeks (months maybe) even if you close your browser and not only during a browsing session when you type your login and password. The wiki page (https://wiki.jasig.org/display/CASUM/Remember+Me) describes how to add this feature to the CAS server. After configuration you should have a "remember me" check box on your login page : if you check it, your identity will be kept after you close the browser. The CASTGC cookie will not be destroyed when you close your browser : it will last and the user could be reauthenticated whitout typing login and password in a next browsing session. If you want to make remember me feature works, you have to configure your CAS server as described in the wiki page and also notify your application that it is a remember me authentication. This last part was missing : I create a JIRA ticket : https://issues.jasig.org/browse/CAS-973. It is now done in CAS server 3.4.9-SNAPSHOT. You should also use SAML validation. This way, as a response of the service ticket validation, you'll get an attribute called longTermAuthenticationRequestTokenUsed which says if it is a remember me authentication or not. Regards, Jerome
-- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
