Timeout questions..
Scott Battaglia
scott.battaglia at gmail.com
Fri Mar 23 13:37:15 EDT 2007
Application sessions are independent of CAS sessions. You would need to set
the session timeout in your application's web.xml.
-Scott
On 3/20/07, t ray <t_ray9505 at yahoo.com> wrote:
>
> Hello all,
> I am attempting to implement inactivity timeout.
> I set the value of session-timeout in CAS web.xml and expected the session
> to timeout after the specified period of time. I expected any attempt to
> access the webapp after the timeout to take the user to the login page and
> after successful re-authentication, to the originally requested page.
> However, this isn't hapenning. The timeout doesn't seem to take effect at
> all. What am I missing? What does the session-timeout value represent-
> number of minutes after which session will timeout regardless of user
> activity or number of minutes session will timeout after last user activity?
> I tried and the session doesn't timeout either way.
>
> Alternatively, if the above doesn't work, I was planning to invalidate the
> session by calling session.invalidate( ) after my webapp detects a timeout
> (it does this). That I believe will force CAS to re-authenticate the user.
>
> Suggestions?
>
> Thanks
>
> ------------------------------
> The fish are biting.
> Get more visitors<http://us.rd.yahoo.com/evt=49679/*http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php?o=US2140&cmp=Yahoo&ctv=Q107Tagline&s=Y&s2=EM&b=50>on your site using Yahoo!
> Search Marketing.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070323/ee10c568/attachment.html
More information about the cas
mailing list