I was confused at first when I ran the same test. The thing is that your app 
has a session as well. When you log on to your app and there is no session (i.e. 
the first time you log on) you will be redirected to CAS and your app will 
establish a session. That session is good for as long as your app is 
configured for. When your app session is expired, it will then go to CAS for 
re-authentication. If the CAS ticket is expired at that point, you will need to 
log in again.

For fun, set your app's session to 1 min. and log in. Watch your logs, and 
after a min, your session will time out. If you then do something on your app, 
you will see in the CAS log that you re-validated your ticket. You will be 
able to do this for 10 min before your CAS ticket is invalid and you will need 
to log in again.

Hope this helps.




On Wednesday, February 19, 2014 10:50 PM, Raymond Cheng - ITD 
<[email protected]> wrote:
 
Dear All,

I am working on a web application using CAS as an SSO solution. I have a
question about ticket validation against CAS session timeout.
I have tested this case and the result seems incorrect. Is there any
related setting I could check?

Test
1) I log in to my app successfully.
2) CAS times out after 10 mins, but my app's session stays alive.
3) I continue to access the restricted pages

Result
My app cannot detect CAS session timeout, therefore I can still access
the restricted pages successfully.
I think my app should redirect to login page after CAS session timeout.

Look forward to your reply.

Regards,
Raymond


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user
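
The timing described in this thread, as a small simulation (an added example, not part of the original messages and not CAS code). It assumes a CAS ticket lifetime counted from login and an app session idle timeout that slides on each request; the class and function names are hypothetical.

```python
from dataclasses import dataclass


@dataclass
class SsoTimeline:
    """Toy model of one browser, one CAS-protected app and one CAS server."""
    app_ttl: int                 # app session idle timeout, seconds
    cas_ttl: int                 # CAS ticket lifetime from login, seconds
    app_expires: float = -1.0    # no app session yet
    cas_expires: float = -1.0    # no CAS ticket yet

    def request(self, t: float) -> str:
        """Outcome of hitting a restricted page at time t (seconds)."""
        if t < self.app_expires:
            # The app trusts its own session and never asks CAS,
            # so an expired CAS ticket goes unnoticed here.
            self.app_expires = t + self.app_ttl
            return "app-session"
        # App session missing or expired: the app redirects to CAS.
        if t < self.cas_expires:
            outcome = "revalidated"   # CAS still knows the user, no prompt
        else:
            outcome = "login"         # user has to enter credentials
            self.cas_expires = t + self.cas_ttl
        self.app_expires = t + self.app_ttl
        return outcome


def run(app_ttl: int, cas_ttl: int, times: list[int]) -> list[str]:
    """Replay requests at the given times and return each outcome."""
    sim = SsoTimeline(app_ttl, cas_ttl)
    return [sim.request(t) for t in times]


if __name__ == "__main__":
    # Constructed request times, in seconds since the first page hit.
    # Case 1: app session 1 min, CAS ticket 10 min (the experiment in the reply).
    short = [0, 30, 100, 400, 590, 700]
    for t, o in zip(short, run(60, 600, short)):
        print(f"app=60s   t={t:>4}s  {o}")
    # Case 2: app session 30 min, CAS ticket 10 min (the original question).
    long_ = [0, 300, 660, 900]
    for t, o in zip(long_, run(1800, 600, long_)):
        print(f"app=1800s t={t:>4}s  {o}")
```

In the second case every request after the 10-minute mark still returns `app-session`, which is the behaviour reported in the original question: the app only learns about CAS expiry when its own session ends.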