Hi all, While I do agree that allowing CAS session after browser close is very much a security vulnerability and would suggest against it, there is indeed a config to allow such thing to happen:
https://apereo.github.io/cas/6.0.x/configuration/Configuration-Properties.html#ticket-granting-cookie > cas.tgc.maxAge=-1 If one modified this to an positive number, you will get the behavior of CAS session after browser close and re-open. Again do not recommend doing it. Cheers! - Andy -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/17462dbc-ac0e-47c3-bb8c-2f8371dd7427%40apereo.org.
