If your application times out then when the user tries to access it they will be redirected to CAS and if the single sign on session still exists they won't be prompted for their username/password.
You can force re-authentication by passing the renew=true to the login page (i.e. https://localhost:8443/cas/login?renew=true&service=...) -Scott On 3/23/07, t ray <[EMAIL PROTECTED]> wrote:
Thank you for responding. If my application times out before CAS times out, then will CAS ask me to reauthenticate when I attempt to access a protected page? I need to somehow get CAS to ask me to reauthenticate when I want it to. How can I achieve this? Thanks. ----- Original Message ---- From: Scott Battaglia <[EMAIL PROTECTED]> To: Yale CAS mailing list <[email protected]> Sent: Friday, March 23, 2007 10:37:15 AM Subject: Re: Timeout questions.. Application sessions are independent of CAS sessions. You would need to set the session timeout in your application's web.xml. -Scott On 3/20/07, t ray <[EMAIL PROTECTED]> wrote: > > Hello all, > I am attempting to implement inactivity timeout. > I set the value of session-timeout in CAS web.xml and expected the > session to timeout after the specified period of time. I expected any > attempt to access the webapp after the timeout to take the user to the login > page and after successful re-authentication, to the originally requested > page. However, this isn't hapenning. The timeout doesn't seem to take effect > at all. What am I missing? What does the session-timeout value represent- > number of minutes after which session will timeout regardless of user > activity or number of minutes session will timeout after last user activity? > I tried and the session doesn't timeout either way. > > Alternatively, if the above doesn't work, I was planning to invalidate > the session by calling session.invalidate( ) after my webapp detects a > timeout (it does this). That I believe will force CAS to re-authenticate the > user. > > Suggestions? > > Thanks > > ------------------------------ > The fish are biting. > Get more visitors<http://us.rd.yahoo.com/evt=49679/*http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php?o=US2140&cmp=Yahoo&ctv=Q107Tagline&s=Y&s2=EM&b=50>on your site using Yahoo! > Search Marketing. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas ------------------------------ Don't be flakey. Get Yahoo! Mail for Mobile<http://us.rd.yahoo.com/evt=43909/*http://mobile.yahoo.com/mail>and always stay connected<http://us.rd.yahoo.com/evt=43909/*http://mobile.yahoo.com/mail>to friends. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
