-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Scott Battaglia wrote: > This is easily changed! By default (if I recall correctly), the > timeout is 6 hours. In our WEB-INF/applicationContext.xml, there > should be ticketGrantingTicketExpirationPolicy defined where you can > specify the exact length of time.
Thanks for the quick reply Scott, I appreciate it immensely. But, I
think I need a bit more clarification:
Here are snippets from CAS 3.0.7 which I haven't changed at all from
the download:
<bean
id="serviceTicketExpirationPolicy"
class="org.jasig.cas.ticket.support.MultiTimeUseOrTimeoutExpirationPolicy">
<!-- This argument is the number of times that a ticket can be used before
its considered expired. -->
<constructor-arg
index="0"
value="1" />
<!-- This argument is the time a ticket can exist before its considered
expired. -->
<constructor-arg
index="1"
value="300000" />
</bean>
Arg 0: No reason to change this as each service should only get a
unique ticket once.
Arg 1: What is this measured in (minutes, seconds, etc.)? Also,
once this expires, and I'm using, for instance, a CASified email
client, what is the behavior as a user and as an application that
takes place?
<bean
id="grantingTicketExpirationPolicy"
class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy">
<!-- This argument is the time a ticket can exist before its considered
expired. -->
<constructor-arg
index="0"
value="7200000" />
</bean>
Arg 0: What is this measured in (minutes, seconds, etc.)? After the
TGT expires, any client that attempts to establish a new connection
will trigger a re-authentication. Likewise it is up to individual
applications to expire their own sessions after a given time so that
sufficient inactivity will expire the client and the CAS server and
force reauthentication using CAS. Is that correct?
In general, there seem to be a lot of "time" settings in that file with no
comments as to the units (seconds, milliseconds, etc.) being used. I think it
would be helpful to include those attribute notations in the comments in the
file.
- --
Paul Ortman
PGP Key: 55602C81
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGimDUfw8KGlVgLIERAg7uAJ98TDCqjkmptPYztl/QXxNZQtrKaQCfYNp4
qTmq5O7q517NL0Mb53UnYGY=
=EBcm
-----END PGP SIGNATURE-----
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
