How is idle timeout supposed to work
Manfred Duchrow
manfred.duchrow at md-cs.de
Fri Jul 11 10:06:48 EDT 2008
We are using CAS Server 3.2.1.
We want users to be forced to re-login if they didn't work with any of their
applications in their CAS protected SSO domain for lets say about an hour.
How can that be achieved?
As we found out the following defines an absolute timeout:
<bean id="grantingTicketExpirationPolicy"
class="org.jasig.cas.ticket.support.TimeoutExpirationPolicy">
<constructor-arg index="0" value="7200000" />
</bean>
It forces a user to re-login after 2 hours whether he was working with the
protected applications or not.
More information about the cas
mailing list