Hello all,
I am attempting to implement inactivity timeout.
I set the value of session-timeout in CAS web.xml and expected the session to
timeout after the specified period of time. I expected any attempt to access
the webapp after the timeout to take the user to the login page and after
successful re-authentication, to the originally requested page. However, this
isn't hapenning. The timeout doesn't seem to take effect at all. What am I
missing? What does the session-timeout value represent- number of minutes after
which session will timeout regardless of user activity or number of minutes
session will timeout after last user activity? I tried and the session doesn't
timeout either way.
Alternatively, if the above doesn't work, I was planning to invalidate the
session by calling session.invalidate( ) after my webapp detects a timeout (it
does this). That I believe will force CAS to re-authenticate the user.
Suggestions?
Thanks
____________________________________________________________________________________
Food fight? Enjoy some healthy debate
in the Yahoo! Answers Food & Drink Q&A.
http://answers.yahoo.com/dir/?link=list&sid=396545367
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
