INVALID_TICKET on browser refresh

Scott Battaglia scott.battaglia at gmail.com
Tue Nov 13 23:30:43 EST 2007 

Hi,

Some responses in-line.

On Nov 13, 2007 6:51 PM, Kristin Coles <kristin.coles at gmail.com> wrote:

> I've addressed my previous issue (regarding pages with optional login)
> using the gateway parameter as descibed in
> http://www.ja-sig.org/wiki/display/CAS/gateway .
>
> Two questions....
> 1. When I press REFRESH button on the web browser (F5), I get an
> INVALID_TICKET error. I understand that this is because the Service
> Ticket has expired after its issued and authenticated. But it could be
> annoying to the end user if the INVALID_TICKET errors keep showing up
> whenever they press REFRESH. Is there a way around this?


Your only way around it is to have your client redirect to the same url
without the ticket after successfully validating the ticket.

>
>
> 2. How and where do I set the TGT expiration time (inactivity
> interval)? Looks like the TGTs remains active even after I restart the
> Tomcat Server. Is that true?


TGT expiration time is set in the CAS Server's applicationContext.xml. Look
for the expiration policy that is defined for the TIcketGrantingTicket.

TGTs remain active until the expiration policy's conditions are met.  The
Ticket Granting Ticket Cookie (stored in the browser) exists as long as the
browser session lasts or until explicitly removed (but the cookie is
worthless without a valid TGT to back it).  If tickets last between Tomcat
restarts that is most likely due to a Tomcat configuration.

-Scott


>
> Please advise! :)
>
> Thank you,
> Kristin
>
> PS: One option that immediately comes to my mind is, to store the last
> issued Service Ticket in the Session. Whenever a ticket is invalid,
> find out of its the last issued ticket. If so, try to get a new ticket
> by contacting the CAS server.
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>



-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20071113/4248c5a2/attachment.html

More information about the cas mailing list