Hi all, I have noticed that there are several places to tune different timeout parameters. I am using mod_cas_auth as a Cas client and there are two configurable directive (/etc/apache2/httpd.conf):
*Directive*: CASTimeout *Default*: 7200 (2 hours) *Description*: This is the hard limit, in seconds, for a mod_auth_cas session (whether it is idle or not). When a session has reached this age and a new request is made, the user is redirected to the CASLoginURL to obtain a new service ticket. When this new ticket is validated, they will be assigned a new mod_auth_cas session. *Directive*: CASIdleTimeout *Default*: 3600 (1 hour) *Description*: This is a limit, in seconds, of how long a mod_auth_cas session can be idle. When a request comes in, if it has been inactive for CASIdleTimeout seconds, the user is redirected to the CASLoginURL to obtain a new service ticket I can also configure timeout parameters on Cas itself, in the 'ticketExpirationPolicies.xml'. I guess that the xml option is wider and I can configure more sets of timeout parameters. But regarding those two I can configure on /etc/apache2/httpd.conf, are there similar configurations on 'ticketExpirationPolicies.xml'? Which one is being enforced? Basically I want to set Idle connection timeout to 4 hours (have it redirected to logout screen afterwards) and *not to have a hard limit timeout at all,* whatis the most suitable way of doing it? Is there a way to set CASTimeout to "never" (setting it to '-1' or '0' does not seem to work). Thanks!! -- * Ronen Itkin* Taykey | www.taykey.com -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
