« Return to Thread: Timeout problems
Re: Timeout problems
by tedzo
::
Rate this Message:
Some parts of this message have been removed.
Learn more about Nabble's security policy.
Ah, thanks for the explanation. I should change the session-timeout in CAS /web.xml file back to 5 minutes (I have that at 60 minutes now).
Thanks for your time. Appreciate the help.
Thanks for your time. Appreciate the help.
----- Original Message ----
From: Scott Battaglia <scott.battaglia@...>
To: Yale CAS mailing list <cas@...>
Sent: Friday, May 9, 2008 6:55:24 AM
Subject: Re: Timeout problems
The Service Expiration Policy is the expiration policy for the one-time use tickets given to applications. They have a timeout or a valid number of uses (1).
The Tomcat Session is literally for the Tomcat session of the CAS server that gets created when you go through the login flow to enter your credentials (which is why its so short).
-Scott
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
From: Scott Battaglia <scott.battaglia@...>
To: Yale CAS mailing list <cas@...>
Sent: Friday, May 9, 2008 6:55:24 AM
Subject: Re: Timeout problems
The Service Expiration Policy is the expiration policy for the one-time use tickets given to applications. They have a timeout or a valid number of uses (1).
The Tomcat Session is literally for the Tomcat session of the CAS server that gets created when you go through the login flow to enter your credentials (which is why its so short).
-Scott
On Fri, May 9, 2008 at 2:11 AM, tedzo <tedzo2003@...> wrote:
Scott,
Thanks for the clarification. So, that would mean variable #2 in my list below. Let me try that. Maybe I missed it while trying out the many combinations.
So, what do #1 and #3 control?
Thanks.----- Original Message ----
From: Scott Battaglia <scott.battaglia@...>
To: Yale CAS mailing list <cas@...>
Sent: Thursday, May 8, 2008 6:58:52 PM
Subject: Re: Timeout problems
If you want to control the Single Sign On Session you need to modify the granting ticket expiration policy. The Tomcat sessions have nothing to do with your SSO session.
-ScottOn Thu, May 8, 2008 at 9:47 PM, tedzo <tedzo2003@...> wrote:I am really confused about session timeouts. I see the following 4 variables that are configurable-
1. In ApplicationContext.xml, the second argument for "serviceTicketExpirationPolicy" Bean
2. In the same file, the first (and only) argument for "grantingTicketExpirationPolicy" Bean
3. In web.xml for CAS webapp, the "session-timeout" entry
4. In tomcat's web.xml (under /conf), the "<session-config> <session-timeout>...." entry
I assumed just setting #3 above would control the timeout. That doesn't seem like it. So, I have been trying combinations and the one that worked is setting #2 AND #4 to the same value. Is that right or am I missing something here? I am using 3.06 server.
Also, by session timeout, I mean- I login and keep working. I walk away for 30 minutes (say) after I make my last request, I come back and try to access some CAS protected page. I should be asked to login again.
Your thoughts are appreciated.
Thanks.
_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
_______________________________________________
Yale CAS mailing list
cas@...
http://tp.its.yale.edu/mailman/listinfo/cas
« Return to Thread: Timeout problems
| Free Forum Powered by Nabble | Forum Help |