Thank you very much Scott! I got the browser REFRESH issue resolved by
redirecting to the same URL without the ticket. If not for your reply,
it would have taken me a long time to figure it out! :)
The TGTs are persisting between Tomcat restarts though. I am still
unable to disable session persistence in Tomcat.
I have tried the following to disable session persistence in Tomcat.
Is there anyone in this lis
#Tomcat\conf\context.xml
<Context>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<Manager pathname="" />
</Context>
#Tomcat\conf\server.xml
<Host name="cas" appBase="webapps\cas"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false"
expireSessionsOnShutdown="true">
<Context path="" docBase="">
<Manager
className="org.apache.catalina.session.PersistentManager"
debug="0"
saveOnRestart="false"
maxActiveSessions="-1"
minIdleSwap="-1"
maxIdleSwap="-1"
maxIdleBackup="-1">
<Store
className="org.apache.catalina.session.FileStore"
directory="logs/sessions" />
</Manager>
</Context>
</Host>
Can anyone please help me.
Thanks,
Kristin
On Nov 13, 2007 9:30 PM, Scott Battaglia <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Some responses in-line.
>
>
> On Nov 13, 2007 6:51 PM, Kristin Coles <[EMAIL PROTECTED]> wrote:
> > I've addressed my previous issue (regarding pages with optional login)
> > using the gateway parameter as descibed in
> > http://www.ja-sig.org/wiki/display/CAS/gateway .
> >
> > Two questions....
> > 1. When I press REFRESH button on the web browser (F5), I get an
> > INVALID_TICKET error. I understand that this is because the Service
> > Ticket has expired after its issued and authenticated. But it could be
> > annoying to the end user if the INVALID_TICKET errors keep showing up
> > whenever they press REFRESH. Is there a way around this?
>
> Your only way around it is to have your client redirect to the same url
> without the ticket after successfully validating the ticket.
>
> >
> >
> > 2. How and where do I set the TGT expiration time (inactivity
> > interval)? Looks like the TGTs remains active even after I restart the
> > Tomcat Server. Is that true?
>
> TGT expiration time is set in the CAS Server's applicationContext.xml. Look
> for the expiration policy that is defined for the TIcketGrantingTicket.
>
> TGTs remain active until the expiration policy's conditions are met. The
> Ticket Granting Ticket Cookie (stored in the browser) exists as long as the
> browser session lasts or until explicitly removed (but the cookie is
> worthless without a valid TGT to back it). If tickets last between Tomcat
> restarts that is most likely due to a Tomcat configuration.
>
> -Scott
>
> >
> >
> >
> > Please advise! :)
> >
> > Thank you,
> > Kristin
> >
> > PS: One option that immediately comes to my mind is, to store the last
> > issued Service Ticket in the Session. Whenever a ticket is invalid,
> > find out of its the last issued ticket. If so, try to get a new ticket
> > by contacting the CAS server.
> > _______________________________________________
> > Yale CAS mailing list
> > [email protected]
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
>
>
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
