Thanks, Tim. I kind of remember reading that now. I need to look at my application more carefully, to determine what is timing out.
G. Wade Tim Funk wrote: > > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/host.html#Single%20Sign%20On > > "As soon as the user logs out of one web application (for example, by > invalidating or timing out the corresponding session if form based login is > used), the user's sessions in all web applications will be invalidated. Any > subsequent attempt to access a protected resource in any application will > require the user to authenticate himself or herself again." > > -Tim > > G. Wade Johnson wrote: > > > Thanks again for all of the responses so far on my Timeout issue. > > I still have a problem, but it is not what I thought it was. > > > > Apparently, there is a <session-timeout/> set to 30 minutes in the > > $CATALINA_HOME/conf/web.xml that I have. I don't recall changing this > > (but I won't rule out the possibility). I modified that, and found > > that I could get the session to expire at the time I specify. > > > > This time, I looked at the cookies that were sent back just before I > > get the login screen and found that Tomcat is sending a request to > > delete the JSESSIONIDSSO cookie used by the SingleSignon valve. > > Apparently, it is this valve and not Tomcat proper that is signing me > > out after the timeout period. > > > > Is this expected behavior? > > > > Is there any way for me to work around this behavior? > > > > Thanks again, > > G. Wade > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]