in my experience if either app does a "pulse" of a service validate then CAS will keep the tgt alive.
-Andrew On Oct 3, 2011, at 2:38 AM, Scott Battaglia wrote: > The clients cannot affect the server's timeout. > > Cheers, > Scott > > > On Mon, Oct 3, 2011 at 1:31 AM, Harry Rusli <[email protected]> wrote: > This is a question regarding local app timeout and CAS Server timeout. > > I have 2 client apps: app1 and app2 > Both are secured by CAS (v3.4.10) (using spring security CAS) > > The client apps have local session timeout of 1 min. > The CAS server's ticket timeout (grantingTicketExpirationPolicy) is set to 2 > minutes. > > Here's the scenario: > 1. I logged in to app1 via CAS > 2. I access app2 and was granted access (single sign on works as expected) > 3. I remain active in app1 (never allowing for a local timeout) while not > accessing app2 at all for more than 2 minutes. > 4. I access app2 and is prompted by a login. > > This is undesirable for my requirements. > > The desired setup would be user would not be prompted to login to either app1 > or app2 as long as they have been active on either app1 or app2 for the last > 2 minutes. > > Does anyone know of a setup that can help me achieve my requirements? > > Thank you. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
