There's no out of the box configuration for differing the single sign-on session length per relying party, but it wouldn't be hard to customize CAS to do this, especially if what you mean is that each application has a different time threshold after which it considers a single sign-on session too stale for its purposes and wishes CAS to again prompt the user to login with password.
I'd suggest some skepticism as to whether this is a good idea. Single sign-on session duration is hard enough for users to relate to without the effective duration differing continuously. In projects I've been involved in, it's often been all-or-nothing -- some applications participate in SSO, and some never participate in SSO, via the CAS "renew" feature on the login request. On Mon, Feb 11, 2013 at 4:31 AM, jleleu <[email protected]> wrote: > Hi, > > To be simple, you have two kinds of timeout : > - the one of your SSO session > - the ones of your web applications. > > The SSO timeout is configured in CAS server where as application timeouts > are configured their own way in each web application. > > Best regards, > Jérôme > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
