Hi,
We are using CAS 6.4.6.6, I still find this is the case, RT is removed
(We like it to expire in 7 days), but it was removed after 8 hours, because
the underlying TGT expired, which is default to 8 hours.
i did not understand why Logout behavior would affect RT retention when TGT
is
Hi,
We are running into the same issue you had. This is how we set our
expiration properties:
cas.ticket.tgt.timeToKillInSeconds=7200
cas.ticket.tgt.maxTimeToLiveInSeconds=28800
cas.authn.oauth.refreshToken.timeToKillInSeconds=604800
cas.authn.oauth.accessToken.timeToKillInSeconds=86400
Hey Ray, thanks for responding.
Yes, the application frequently uses the OAuth access token and refresh
token given to it after the user authenticates. During each application
invocation, the application uses the access token it was given as
authentication in some web service calls. If the
Caleb,
You can turn off single logout for that application (more accurately, not turn
it on).
Or are you saying that this application periodically probes CAS to check for a
valid login?
Ray
On Mon, 2017-09-25 at 15:15 -0700, 'Caleb D' via CAS Community wrote:
Hello,
We're trying to implement
Hello,
We're trying to implement a special case behavior in CAS 5 concerning
OAuth. When a user authenticates, a TGT, refresh token, and access token
are generated. By default when the TGT expires, the refresh token and
access token are also removed (lambda defined by