issue with expiration TGC or TGT ?
637 views
Skip to first unread message
vallee.romain
Jan 17, 2018, 9:51:57 AM1/17/18
to CAS Community
Hello cas users !
i just release in production my jasig 5.2 .
I noticed that if I don't check "remember me", if I close and open my browser, the session is kept in memory with cookie time value:
"cas.tgc.rememberMeMeMaxAge=7889400"
My question, how do I get the session to close when I don't check " remember me".
and if I check "remember me", that the session is saved for 2 months
so this is my actual conf :
###TGT EXPIRATION
#
cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=28800
cas.ticket.tgt.maxTimeToLiveInSeconds=28800
cas.ticket.tgt.timeToKillInSeconds=7200
cas.ticket.tgt.rememberMe.enabled=true
cas.ticket.tgt.rememberMe.timeToKillInSeconds=2629800
###TGC
cas.tgc.path=
cas.tgc.maxAge=-1
cas.tgc.domain=
cas.tgc.name=TGCEsig
cas.tgc.secure=true
cas.tgc.httpOnly=true
cas.tgc.rememberMeMaxAge=7889400I don't find the difference between TGT and TGC
TGC is a cookie to client ?
Thank you !
best regards
Romain
Ray Bon
Jan 17, 2018, 11:27:46 AM1/17/18
to cas-...@apereo.org
Romain,
TGC is client side, TGT is server side. TGC is used when user logs into a new service (after initial login) to 'find' the TGT.
The 'remember me' check box is for the TGT. Remove cas.tgc.rememberMeMaxAge and the TGC will be removed when the browser closes.
Ray
-- Ray Bon Programmer analyst Development Services, University Systems 2507218831 | CLE 019 | rb...@uvic.ca
vallee.romain
Jan 18, 2018, 3:01:40 AM1/18/18
to CAS Community
Thank you Mister Ray Bon for your answer.
ok i will remove my cas.tgc.rememberMeMaxAge propoerties .
so, do you know why if i check rememberMe checkbox,
my session kill with "cas.ticket.tgt.timeout.maxTimeToLiveInSeconds" parameters and not "cas.ticket.tgt.rememberMe.timeToKillInSeconds" parameters ?
Sorry for my poor english ...
Ray Bon
Jan 18, 2018, 12:49:38 PM1/18/18
to cas-...@apereo.org
Romain,
It looks like maxTimeToLiveInSeconds takes priority over rememberMe, https://apereo.github.io/cas/5.2.x/installation/Configuration-Properties.html#tgt-expiration-policy
Try removing maxTimeToLiveInSeconds.
Ray
vallee.romain
Jan 18, 2018, 3:47:01 PM1/18/18
to CAS Community
Thank you Ray.
If i remove it,i think default value will apply...
I will try to adjust to rememberme value.
Thanks you for your message.
What is your configuration about tgc ?
If i remove it,i think default value will apply...
I will try to adjust to rememberme value.
Thanks you for your message.
What is your configuration about tgc ?
Ray Bon
Jan 18, 2018, 4:00:51 PM1/18/18
to cas-...@apereo.org
cas.tgc.path=/cas/
cas.tgc.maxAge=-1
cas.tgc.domain=${cas.server.name}
cas.tgc.rememberMeMaxAge=-1
cas.tgc.encryptionKey=
cas.tgc.signingKey=
# TGT Expiration Policy
#
https://apereo.github.io/cas/5.1.x/installation/Configuration-Properties.html#tgt-expiration-policy
cas.ticket.tgt.timeout.maxTimeToLiveInSeconds=7200
# Remember Me
cas.ticket.tgt.rememberMe.enabled=true
cas.ticket.tgt.rememberMe.timeToKillInSeconds=28800
vallee.romain
Jan 22, 2018, 5:00:37 AM1/22/18
to CAS Community
Thank you Mister Bon !
it's seem to work !
the cas.ticket.tgt.timeout.maxTimeToLiveInSeconds
was culpable !!!Reply all
Reply to author
Forward
0 new messages