I was confused at first when I ran the same test. The thing is that your app has a session as well. When you log on to your app and there is no session (ie the first time you log on) you will be redirected to CAS and your app will establish a session. That session is good for as long as your app is configured for. When your app session is expired, it will then go to CAS for re-authentication. If the CAS ticket is expired at that point, you will need to log in again.
For fun, set your apps session to 1 min. and log in. watch your logs, and after a min, your session will time out. If you then do something on you app, you will see in the CAS log that you re-validated your ticket. You will be able to do this for 10 min before your CAS ticket is invalid an you will need to log in again. Hope this helps. On Wednesday, February 19, 2014 10:50 PM, Raymond Cheng - ITD <[email protected]> wrote: Dear All, I am working in a web application using CAS as SSO solution. I find some question about ticket validation against CAS session timeout. I have tested this case and the result seems incorrect. Is there any related setting I could check? Test 1) I login in my app successfully. 2) CAS timeout after 10 mins, but my app's session keeps alive. 3) I continue to access the restricted pages Result My app cannot detect CAS session timeout, therefore I can still access the restricted pages successfully. I think my app should redirect to login page after CAS session timeout. Look forward to your reply. Regards, Raymond ______________________________________________________________________ http://www.egltours.com/promotion This message (and any attachments) may contain information that is confidential,proprietary,privileged or otherwise protected by law.The message is intended solely for the named addressee (or a person responsible for delivering it to the addressee).If you are not the intended recipient of this message, you are not authorized to read, print, retain , copy or disseminate this message or any part of it.If you have received this message in error, please destroy the message or delete it from your system immediately and notify the sender. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
