Problem in session timeout

Hi Scott,
    I have 4 application app1,app2,app3,app4.
    Al those application are cas enabled.
    I login in app1. Then go to app2.
    Then wait for session timeout. The time limit is configured in ticketExpirationPolicies.xml .
    I configure the time to 1 minute.
   
    <bean id="grantingTicketExpirationPolicy"
      class="mypackage.MyNewExpirationPolicy">
        <constructor-arg
        index="0"
        value="60000" />
 <constructor-arg
        index="1"
        value="60000" />
</bean>
The write the logic in MyNewExpirationPolicy class.
    Then after the specified time expired when i access to app1 it does not  go to login page. But when I access to app3 or app4 it go to login page.
    For accessing app1 and app2 it do not go to loin page.(Because first time I login to app1 and go to app2)
    But accessing app3 and app4 it go to loin page.
 
    If the time expired it should go to login page for accessing every application that are cas enabled.
 
    Please help with more information.
 
Thanks and regards,
Bikash

 
 

---

Indian and NRI Matrimonial Proposals On MSN Matrimony! Try it!

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas

No, the behavior you are seeing is correct.  Your applications are maintaining their own session that is independent of CAS's session.  CAS's session only control's the ability to single sign on.

The only exception to this is if your applications implement the single sign out protocol, then they would have been notified that the CAS single sign on session ended.

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia

On Thu, Jul 3, 2008 at 12:47 AM, Bikash Chandra Baidya <bikashnet@...> wrote:

Hi Scott,
    I have 4 application app1,app2,app3,app4.
    Al those application are cas enabled.
    I login in app1. Then go to app2.
    Then wait for session timeout. The time limit is configured in ticketExpirationPolicies.xml .
    I configure the time to 1 minute.
   
    <bean id="grantingTicketExpirationPolicy"
      class="mypackage.MyNewExpirationPolicy">
        <constructor-arg
        index="0"
        value="60000" />
 <constructor-arg
        index="1"
        value="60000" />
</bean>
The write the logic in MyNewExpirationPolicy class.
    Then after the specified time expired when i access to app1 it does not  go to login page. But when I access to app3 or app4 it go to login page.
    For accessing app1 and app2 it do not go to loin page.(Because first time I login to app1 and go to app2)
    But accessing app3 and app4 it go to loin page.
 
    If the time expired it should go to login page for accessing every application that are cas enabled.
 
    Please help with more information.
 
Thanks and regards,
Bikash

 
 

---

Indian and NRI Matrimonial Proposals On MSN Matrimony! Try it!

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas

Then if my application implements the cas singlesignout as given below

  <context-param>
    <param-name>serverName</param-name>
    <param-value>http://ip:port</param-value>
   </context-param>

   <filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
  </filter>

  <filter>
    <filter-name>CAS Authentication Filter</filter-name>
      <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>https://serverip:8443/cas/login</param-value>
    </init-param>
  </filter>

  <filter>
    <filter-name>CAS Validation Filter</filter-name>
      <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>https://serverip:8443/cas</param-value>
    </init-param>
    <init-param>
        <param-name>redirectAfterValidation</param-name>
        <param-value>true</param-value>
    </init-param>
  </filter>

  <filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
      <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
  </filter>
 
  <filter>
      <filter-name>CAS Assertion Thread Local Filter</filter-name>
      <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
  </filter>

  
 
  <filter-mapping>
     <filter-name>CAS Single Sign Out Filter</filter-name>
     <url-pattern>/*</url-pattern>
  </filter-mapping>
  <filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
 
  <listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
  </listener>
 

Then how it can be notified by the cas single sign on session ended .
Is there any setting require for that...
please specify...

--arun

On Thu, Jul 3, 2008 at 7:18 PM, Scott Battaglia <scott.battaglia@...> wrote:

No, the behavior you are seeing is correct.  Your applications are maintaining their own session that is independent of CAS's session.  CAS's session only control's the ability to single sign on.

The only exception to this is if your applications implement the single sign out protocol, then they would have been notified that the CAS single sign on session ended.

-Scott

-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia

On Thu, Jul 3, 2008 at 12:47 AM, Bikash Chandra Baidya <bikashnet@...> wrote:

Hi Scott,
    I have 4 application app1,app2,app3,app4.
    Al those application are cas enabled.
    I login in app1. Then go to app2.
    Then wait for session timeout. The time limit is configured in ticketExpirationPolicies.xml .
    I configure the time to 1 minute.
   
    <bean id="grantingTicketExpirationPolicy"
      class="mypackage.MyNewExpirationPolicy">
        <constructor-arg
        index="0"
        value="60000" />
 <constructor-arg
        index="1"
        value="60000" />
</bean>
The write the logic in MyNewExpirationPolicy class.
    Then after the specified time expired when i access to app1 it does not  go to login page. But when I access to app3 or app4 it go to login page.
    For accessing app1 and app2 it do not go to loin page.(Because first time I login to app1 and go to app2)
    But accessing app3 and app4 it go to loin page.
 
    If the time expired it should go to login page for accessing every application that are cas enabled.
 
    Please help with more information.
 
Thanks and regards,
Bikash

 
 

---

Indian and NRI Matrimonial Proposals On MSN Matrimony! Try it!

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas

_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas