Troy, We tend to discourage applications determining the length of time that a session is valid for (what if you logged out of all three apps and then went to a fourth app 5 seconds later, why should that cause you to sign back in?). Thus, you won't really find any tips, or built-in mechanisms for handling this scenario. In general, we only support the method where the CAS server can notify the clients that ITS session ended. Applications calling back also requires that they are aware of the TicketGrantingTicket (the SSO identifier) which is a bad idea.
-Scott -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Mon, Jun 16, 2008 at 9:02 AM, Troy Bull <[EMAIL PROTECTED]> wrote: > Greetings > > First, I want to thank everyone in the CAS community as you all have > been very helpful in getting me up to speed. I must admit I was > nervous about this a couple weeks ago, now things are really working > quite well. That being said, my question. I have one last required > feature to implement. I have a cas server 3.2.1 and "a bunch" of > apps that do single sign on, single sign off. What I want to do is > implement a global timeout, say a user logs in to App A, then switches > to App B and Finally App C, when the last of these (A, B and C) times > out it needs to kill the CAS session so that CAS will no longer > re-authenticate the person. If anyone could point me in the right > direction, a wiki, a working example, any tips at all are greatly > appreciated. > > Thanks > Troy > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
