Vincent, Ehcache has its own expiration policy. Look at timeToLive, timeToIdle for bean class org.springframework.cache.ehcache.EhCacheFactoryBean.
Ray On 2016-11-21 10:49, HURTEVENT VINCENT wrote: > Hello, > > We are using CAS Server 4.2.6 for few weeks now but we’re facing a > problem with the SSO lifetime. > > The ticket registry used is EhCache and the RememberMe feature is > enabled, you can find the settings in this gist : > > <https://gist.github.com/vhurteve/af4a563645a7eaf131ccc9772c4f312a> > > We would like default TGT lifetime of 12 hours (43200s) and a > rememberMe of 7 days (604800s) > > SSO works but it doesn’t last as expected, forcing users to > reauthenticate. The SSO lifetime seems random and barely 2 hours long. > > I tried the neverExpire policy but I still have the problem. I tried > to investigate the problem logging EhCache in debug mode but there’s > no message about forced eviction or something like this. I choosed > large ehcache settings, enough memory settings, with disk overflow, > but no amelioration. > > The TGT, ST, TGC settings are set in a cas.properties file correctly > loaded by the server as the other settings (ldap servers, ehcache, > encryption, etc) are well applied. > > Where could be the problem ? > > Bonus question, the TGT seems linked to username/Client IP/UserAgent, > which is not the behavior in version 3.5.x I think where the IP didn’t > come into the equation. > As the users are more and more moving and switching network settings, > it could be a problem. How I can link the TGT to username and UA only ? > > Thank you, > > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google > Groups "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/224C52C7-D018-4D71-B5C1-CFFC75310683%40univ-lyon1.fr > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/224C52C7-D018-4D71-B5C1-CFFC75310683%40univ-lyon1.fr?utm_medium=email&utm_source=footer>. -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE C023 | [email protected] -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/247752f5-c6dd-a634-db9c-fbf74e9cbbea%40uvic.ca.
