On Thu, 29 Aug 2002, HAVENS,PETER (HP-Cupertino,ex3) wrote:
> Date: Thu, 29 Aug 2002 15:25:20 -0400
> From: "HAVENS,PETER (HP-Cupertino,ex3)" <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: 'Tomcat Users List' <[EMAIL PROTECTED]>
> Subject: single sign on and time outs
>
> I have a question regarding SingleSignOn. It seems that if any web app is
> accessed and then not visited for a period of time equal to the time out
> value of the global web.xml then the user will be de-authenticated for all
> webapps. To clarify, if I have two webapps, demo1 and demo2, and I log onto
> my server which is configured for SingleSignOn; then if I visit a resource
> in the demo1 webapp and then start viewing resources on the demo2 web app,
> the timeout will occur for the demo1 session and thus timeout my entire
> session.
>
More precisely, both sessions will be invalidated.
> Is there a way to configure single sign on so that it does not do timeouts
> based on each web app?
>
Isn't it easier to just make your sessions not time out?
> -Peter
>
Craig
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
