Vallee,
When you say session, are you talking about the CAS session or the client session?
Is it possible to have a cookie that expires when the browser closes and lives for a set time?
You can use this to have the cookie expire when the browser closes:
cas.tgc.maxAge=-1
I have this note in my config (not sure if it applies to 5.2) but our config is set to expire TGC when browser closes:
# default is P14D
# used to set maxAge on user selection of remember me at login
# it is always set regardless of user choice; this is a bug to investigate
cas.tgc.rememberMeMaxAge=-1
I do not have these in my config:
cas.ticket.tgt.timeToKillInSeconds
cas.ticket.tgt.maxTimeToLiveInSeconds
Ray