-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I feel as though this question is really basic, but for some reason, I can't seem to find answers (maybe my Googlefoo is just weak...).
Is there some configuration setting in the CAS service where I can specify the equivalent of: "Once users authenticate, they will have SSO capabilities for a maximum of X minutes before they will be forced to reauthenticate to CAS." I would love to force that expiration timeout to be 9 hours so that at least if some user leaves their browser open over night, and they try to go to some CAS enabled site, they would need to reauthenticate. I don't like the idea that an open browser can provide unlimited CAS logins to all of our apps accidentally. Obviously individual applications would also need to expire their sessions, but for our important in-house applications, we've already done this, but this is currently being defeated by CAS. Thanks in advance for the two-by-clue tapping I'm sure to receive. - -- Paul Ortman PGP Key: 55602C81 - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGikKvfw8KGlVgLIERArYDAKCT85mn3UzxsL/EKXzZoTkfSq5oqwCdFkTv hdqbE+PncrxwREEYSGUDQVE= =Ylry -----END PGP SIGNATURE----- _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
