I guess the desired behaviour is for the global session to be kept active. The only way I see for this to happen is ping the CAS server via javascript or an <img src type hack. This doesnt seem feasible if it initiates the whole /login redirect flow but may be ok if CAS could be extended to support a call to somehow refreshTGT time. I had hoped that mod_auth_cas may help the situation by providing a central point through which all calls to protected applications could pass, allowing it to somehow maintain activity on a TGT. But I cant understand whether this is how it works.
Thank you for your continued input. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
