I submitted another reply to my previous one as it looks like the throttle check is done on both the creation of the TGT and the verification of the ST. I had posted the code where the error was also. -John
________________________________ From: Fesenmeyer, Daniel [mailto:[email protected]] Sent: Thu 11/3/2011 9:47 AM To: [email protected] Subject: [cas-user] CAS Server 3.4.10: Problem with ThrottledUseAndTimeoutExpirationPolicy Hi, I have some problem with ThrottledUseAndTimeoutExpirationPolicy. The documentation says that "timeInBetweenUsesInMilliSeconds" is the "minimum amount of time permitted between consecutive uses of a ticket". I set this value to 20 seconds. I thought that it would prevent a CAS client to validate a ticket again and again. So I expected to get an error when the timeframe between two validations would be less than 15 seconds. (Which should never occur, because the CAS Client for Java imho validates only once per ticket.) But with this setup, I always got an error. I had to set this value to about one second to get it work. It seems that the "timeInBetweenUsesInMilliSeconds" is - at least in case of the first validation- the time between ticket creation and validation. This is why I had to set the value so low that the use of ThrottledUseAndTimeoutExpirationPolicy is quite useless for me. I found another post on ThrottledUseAndTimeoutExpirationPolicy (with proxyValidate) which is quite similar to my problem: http://www.mail-archive.com/[email protected]/msg09823.html But I use samlValidate instead of proxyValidate. Does someone use ThrottledUseAndTimeoutExpirationPolicy and can help me with this issue? Thanks, Daniel -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
