Recently, when CAS was used for the single-point authentication service, it was found that after about 20 minutes, no response was returned when pages were refreshed asynchronously (because easyui framework was used, therefore, page refreshing is based on the Ajax + Div method). At first, I thought it was a problem of CAS server timeout. I checked the various configurations and made reference to many posts on the Internet, today, I have no idea if the session has expired because the single-point logon client has not configured any session validity period, that is to say, the client's session duration is the default Tomcat session duration (some people on the Internet say that the default session Validity Period of Tomcat is 30 minutes, but now we find that there will be no response with Ajax in about 20 minutes, so this default 30 minutes is to be confirmed by the experiment), open the project web. add the following code to the XML file (Java project:
<session-config> <session-timeout>120</session-timeout></session-config>
120 refers to 2 hours. The default unit is minute. Here, 120 minutes are used to maintain the same identity as the CAS server. The default identity of the CAS server is valid for 2 hours. The Code is as follows:
<!-- TicketGrantingTicketExpirationPolicy: Default as of 3.5 --> <!-- Provides both idle and hard timeouts, for instance 2 hour sliding window with an 8 hour max lifetime --> <bean id="grantingTicketExpirationPolicy" class="org.jasig.cas.ticket.support.TicketGrantingTicketExpirationPolicy" p:maxTimeToLiveInSeconds="${tgt.maxTimeToLiveInSeconds:28800}" p:timeToKillInSeconds="${tgt.timeToKillInSeconds:7200}"/>
The configuration is located in the WEB-INF/spring-configuration/ticketexpirationpolicies. XML, timetokillinseconds is not active validity period, in seconds.
CAS Single Sign-On: no response to Ajax page refreshing (302 moved temporarily)