I'm using CAS as the authentication source for service app A and service app B.
Single sign on and single sign out are working fine for both A and B. Per
product requirements Service app B is rendered in an iframe in service app A.
My problem is that when the http session of service app B times out the CAS
hosted login prompt is being rendered in the iframe. The expiration time of the
TGT is significantly longer that the session timeout that is set on service app
B. When the session times out for B the CAS TGT is still valid. So my question
is... why, when making the request to B that loads the iframe, does B not get
recognized as already being logged in.
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
