Timeout problems
tedzo
tedzo2003 at yahoo.com
Thu May 8 21:47:11 EDT 2008
I am really confused about session timeouts. I see the following 4 variables that are configurable-
1. In ApplicationContext.xml, the second argument for "serviceTicketExpirationPolicy" Bean
2. In the same file, the first (and only) argument for "grantingTicketExpirationPolicy" Bean
3. In web.xml for CAS webapp, the "session-timeout" entry
4. In tomcat's web.xml (under /conf), the "<session-config> <session-timeout>...." entry
I assumed just setting #3 above would control the timeout. That doesn't seem like it. So, I have been trying combinations and the one that worked is setting #2 AND #4 to the same value. Is that right or am I missing something here? I am using 3.06 server.
Also, by session timeout, I mean- I login and keep working. I walk away for 30 minutes (say) after I make my last request, I come back and try to access some CAS protected page. I should be asked to login again.
Your thoughts are appreciated.
Thanks.
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080508/96cfed33/attachment.html
More information about the cas
mailing list