Do you have "Remember Me" turned on?
If not, it is possible that either the session cookies from your site are persistent (with an an explicit Expires/MaxAge) or else the cache control headers are allowing some pages to remain withing the browser cache. From: Danny Sinang [mailto:[email protected]] Sent: Thursday, February 28, 2013 12:55 PM To: [email protected] Subject: [cas-user] Public computer login and CAS Hi, I noticed that closing and reopening my browser allows me to access protected webpages on my CASified site. This could be a problem if I logged in from a public computer (internet cafe, etc). Is there a way to secure against this ? Regards, Danny -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
smime.p7s
Description: S/MIME cryptographic signature
