You can control the usage of the TGT (and thus creation of STs) with a custom expiration policy (if the existing one doesn't meet your needs)
On Wed, Sep 26, 2012 at 2:06 AM, Ken LAI <[email protected]> wrote: > Do you know if there is mechanism in CAS server side to throttle a > misbehaved casclient application that looped between user browser and > the CAS application? Service tickets are continuous to generate but > no consumption by the application, and redirect the browsers to obtain > ST for the application again. > > The idea is that if we can set a threshold of ST generation within a > certain time period for the same client IP and service URL, we can > deny the access when it is over. > > Regards, > -Ken > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
