Hello Hui, CAS server session timeout doesn't mean that your CAS ticket has been destroyed. What did you write in you ticketExpirationPolicy.xml file ?
Stéphane 2010/7/1 Hui Zhou <[email protected]> > Hi, guys: > > We have two application A and B with cas integration and configure the > value of cas sso session timeout to 1 minute. > > 1.Login to application A. > 2.Stand by about 1 minute 30 seconds, cas sso session should timeout > ,right? > 3.Now I still can do some operation in application A. It didn't redirect me > to the cas login page. Plus if I try to login to application B, it will > redirect me to cas login page. > > I have added some log file in sessionCreated and sessionDestroyed method of > class org.jasig.cas.client.session.SingleSignOutHttpSessionListener, I can > see "Session Created" message in above step 1. But in above step 3, I > haven't seen there is any "Session Destroyed" message there. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
