Ok i have a clue, Since my application not throw a session timeout, cas client will not reauthenticate the user?
I configured 1min timeout for my client application and 2min in HardTimeoutExpirationPolicy if each minute I press F5, i'm reauthenticated automatically (a new ST is created), but if i wait 2min, I must logged my user. Is my understanding correct? Le jeudi 23 août 2012 16:18:59 UTC+2, Nicolas Geraud a écrit : > > hello, > > Once again there is something i don't understand in the expiration policy. > > To test it, i configure the ticketExpirationPolicies.xml like this : > <bean id="serviceTicketExpirationPolicy" > class="org.jasig.cas.ticket.support.HardTimeoutExpirationPolicy" > c:timeToKillInMilliSeconds="5000"/> > <bean id="grantingTicketExpirationPolicy" > class="org.jasig.cas.ticket.support.HardTimeoutExpirationPolicy" > c:timeToKillInMilliSeconds="5000"/> > > In my mind, 5 seconds after a successful login, i must reauthenticate my > user. > > But no, once I'm authenticated, i'm never rejected. > > > What I'm doing wrong? > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
