Hello,
I need urgent help regarding a CAS migration from CAS 6.6.15 to CAS 7.3.5.
We configured the TGT session duration with:
cas.ticket.tgt.hard-timeout.time-to-kill-in-seconds=7140
The goal is to keep the CAS session alive for almost 2 hours.
After the migration, one external application integrated with our CAS server is still logging users out after 1 hour, even though the TGT ticket in the new cas_tickets table is created with an expiration time of around 2 hours.
I noticed the following in the cas_tickets table:
-
creation_time is correct
-
expiration_time is correctly set to about 2 hours later
-
last_used_time does not change
-
last_used_time remains almost the same as creation_time, even when the user is still active in the application/session
My questions are:
-
Is cas.ticket.tgt.hard-timeout.time-to-kill-in-seconds still the correct property in CAS 7.3.5 to define the CAS session duration?
-
Why is last_used_time not updated while the user is still active?
-
Can this explain why the external application logs out after 1 hour?
-
Is there another CAS 7.3.5 property that should be configured for sliding/session inactivity timeout?
-
Could the 1-hour logout be caused by the service application session timeout instead of the CAS TGT timeout?
Any advice or recommended configuration for CAS 7.3.5 would be appreciated.
Thank you.