How to set ttl for ticket created in DynamoDB
17 views
Skip to first unread message
Akash Mohapatra
Nov 24, 2025, 11:06:49 AM (14 days ago) Nov 24
to CAS Community
Hello All
We are using CAS 7.1.3 using DynamoDB storage. We are facing a challenge where any ticket (TGT) entry in CAS_TICKETS table while creating ticket using CAS , writes default value to TTL. We have mentioned in application.properties in below way:
cas:
ticket:
st:
time-to-kill-in-seconds: PT5M # 5 min
numberOfUses: 10
tgt:
primary:
time-to-kill-in-seconds: PT3M # 3 minutes
max-time-to-live-in-seconds: PT4M # 4 minutes
st:
time-to-kill-in-seconds: PT5M # 5 min
numberOfUses: 10
tgt:
primary:
time-to-kill-in-seconds: PT3M # 3 minutes
max-time-to-live-in-seconds: PT4M # 4 minutes
With this, any ST entry in CAS_TICKETS is writing correct value as 300 secs (PT5M) as mentioned in application.properties but TGT entries still dont override the value given PT 4M (240 secs).
Any suggestions or guidance is highly appreciated here.
Thank you
Akash
Ray Bon
Nov 24, 2025, 3:28:20 PM (13 days ago) Nov 24
to cas-...@apereo.org
Akash,
The TGT is the server side session identifier; the SSO session. 4m is short. Given that the service ticket life is longer, it is possible that a service will try to validate it [and fail] after 4m; requiring the user to re-authenticate.
It is possible that the minimum TGT lifetime has changed. I use 2m on my local to make testing easier.
It is also possible that the ticket store has limits (we use hazelcast).
If you are planning to use single logout, the TGT may be purged prior to your services sending a logout request; thus preventing SLO.
Is this for testing or production?
What are you trying to achieve with a short SSO session length (there may be an alternative method)?
What is the minimum time that is stored?
Ray
From: 'Akash Mohapatra' via CAS Community <cas-...@apereo.org>
Sent: November 24, 2025 07:51
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] How to set ttl for ticket created in DynamoDB
Sent: November 24, 2025 07:51
To: CAS Community <cas-...@apereo.org>
Subject: [cas-user] How to set ttl for ticket created in DynamoDB
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/427aea57-06dd-4ec8-acba-c52ebbd03dbdn%40apereo.org.
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/427aea57-06dd-4ec8-acba-c52ebbd03dbdn%40apereo.org.
Reply all
Reply to author
Forward
0 new messages