I'd like clarification whether ticketExpirationPolicies.xml still applies, that is a completely separate policy to configure where one needs to configure both.
You should configure both cache expiration/eviction semantics and CAS ticket expiration policy. For service tickets it's pretty easy to configure both such that they're semantically equivalent; set the TTL on the cache entry to equal the absolute expiration period of a ticket. For ticket-granting tickets, on the other hand, you can implement more complex policies than that of a simple cache entry TTL. If you're using the default sliding expiration policy for TGTs, then you'd want the cache TTL to equal the maximum lifetime of a ticket. The sliding window should be substantially less than the maximum lifetime; for example 8h maximum and 2h sliding window.
M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
