1. Yes, each client has it's own TGT stored as TGC (Ticket Granting Cookie) in a secure domain (https) 2. If I am not mistaken if you are not asking for new ST (Service Ticket), TGT will expire after a configurable TGT timeout, which by default is 8 hours but it is configurable. 3. It is a browser cookie and for security reasons it is removed after a browser restarts (it is a non persistent cookie). Take a look at "remember me" functionality, I think CAS supports this.
PS. I am still a new user to CAS but probably it is better to answer you than you are left without any answer to your problem. ________________________________________ Von: Jonathan [[email protected]] Gesendet: Donnerstag, 15. November 2012 02:51 An: [email protected] Betreff: [cas-user] What is the best way to handle CAS session timeout? The setup is 1 CAS server and 2 CAS client. The user has been active on client 1, but has not been active on client 2. Does each client have its own TGT? Can TGT expiration be push backed due to client activity? As for TGT, does this have to be a browser session cookie, or can TGT be configured so that it can last even after the browser restarts? Thanks Jonathan -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
