All valid statements.
CAS v5 allows both options. Session persistence in v5 can happen locally, via
the container, via redis or via hazelcast.
--
Misagh
From: Yan Zhou
Reply: Yan Zhou
Date: July 28, 2016 at 8:07:17 AM
To: CAS Community
Subject: [cas-user] Re: CAS 3.5.x and 4.1.x difference in webflow, it persists
beyond session timeout
This also explained another difference I have seen.
In 3.5.x CAS, if you stay on the login page for a while without typing
anything. Then, you type in user credential, the first time you essentially
get "session timed out". You would have to type user credential for the second
time to login.
In 4.1.x CAS, nothing like that, you can wait for a long time, and type in
user credentials, it just works, because flow is resumed and variables are
restored.
Yan
On Thursday, July 28, 2016 at 11:03:19 AM UTC-4, Yan Zhou wrote:
Hi there,
Is this a correct statement? I have observed difference.
CAS 4.1.x using web flow encryption to capture flow states and stores them on
the client side. Therefore, even after http session expires, the flow can
resume and continue. This means, I can walk away for hours, and as long as my
browser is up running, I can always come back and click "Continue" to keep
going.
CAS 3.5.x does not do that, the flow execution key is plain text and stored in
HTTP session, flow ends as session idle timeout. This means, if I walk away
for hours, coming back and click "Continue", flow ends and redirect me to the
starting point of the flow.
Thx.,
Yan
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/e975ea91-3759-45d0-9b21-5d9b1947e1f2%40apereo.org.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To post to this group, send email to cas-user@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/etPan.579a2b36.5acf2a9b.95c8%40unicon.net.
For more options, visit https://groups.google.com/a/apereo.org/d/optout.