On Fri, Jul 11, 2008 at 9:06 AM, Manfred Duchrow <[EMAIL PROTECTED]> wrote: > We are using CAS Server 3.2.1. > We want users to be forced to re-login if they didn't work with any of their > applications in their CAS protected SSO domain for lets say about an hour. > > How can that be achieved? > As we found out the following defines an absolute timeout: > > <bean id="grantingTicketExpirationPolicy" > class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy"> > <constructor-arg index="0" value="7200000" /> > </bean> > > It forces a user to re-login after 2 hours whether he was working with the > protected applications or not. >
How I did it, (probably the wrong way) was I exposed an additional endpoint for cas called retime that resets the timeout on the TGT and nothing else. Then I set CAS to be the timeout I actually want, and I put a 1 line ajax call in our site header that hits that newly exposed endpoint and thus resets the timeout on the TGT. You could also do this by requesting new service tickets each request and throwing them away. Thanks Troy _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
