CAS provides a pluggable ticket expiration policy framework for TGT and St. In CAS applications, the expiration policy configuration for TGT and St is defaulted to Cas/webapp/web-inf/spring-configuration/ticketexpirationpolicies.xml
File. In the CAS expiration policy, there is no clear point of which ticket is applied to which expiration policy, but we are able to differentiate according to the class name. However, it is not possible to say that this expiration policy can only be used for this kind of ticket, which means that its expiration policy is artificially divided.
Expiration policy for TGT
1.org.jasig.cas.ticket.support.hardtimeoutexpirationpolicy
It's configured
<bean id= "Grantingticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.HardTimeoutExpirationPolicy" >
<constructor-arg index= "0" value= "7200000"/> <!--units are in milliseconds--
</bean>
At the time of the creation of the TGT, two hours after the TGT expires, this is hard to negotiate the room, so the class name has a tough;
2.org.jasig.cas.ticket.support.neverexpiresexpirationpolicy
It's configured
<bean id= "Grantingticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.NeverExpiresExpirationPolicy" >
</bean>
This does not have to be explained;
3.org.jasig.cas.ticket.support.remembermedelegatingexpirationpolicy
It's configured
<bean id= "Grantingticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.RememberMeDelegatingExpirationPolicy" >
<property name= "Sessionexpirationpolicy" >
<bean class= "Org.jasig.cas.ticket.support.TimeoutExpirationPolicy" >
<constructor-arg index= "0" value= "XXXXXXXX"/>
</bean>
</property>
<property name= "Remembermeexpirationpolicy" >
<bean class= "Org.jasig.cas.ticket.support.TimeoutExpirationPolicy" >
<constructor-arg index= "0" value= "XXXXXXXX"/>
</bean>
</property>
</bean>
See: Remember Me section,
If one of the sessionexpirationpolicy or remembermeexpirationpolicy expiration policies is met, the TGT expires;
4.org.jasig.cas.ticket.support.throttleduseandtimeoutexpirationpolicy
It's configured
<bean id= "Grantingticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.ThrottledUseAndTimeoutExpirationPolicy" >
P:timetokillinmilliseconds= "7200000"
p:timeinbetweenusesinmilliseconds= "5000"
</bean>
After the TGT is created, the last app is more than 2 hours or less than 5 seconds from this application, and if one is satisfied, the TGT expires.
5.org.jasig.cas.ticket.support.ticketgrantingticketexpirationpolicy
This is the default configuration of CAs for TGT, its configuration:
<bean id= "Grantingticketexpirationpolicy" class= " Org.jasig.cas.ticket.support.TicketGrantingTicketExpirationPolicy "
p:maxtimetoliveinseconds= "${28800}"
p:timetokillinseconds= "${7200}"/>
The TGT expires when the user does not move the mouse within 2 hours (7,200 seconds) or the system exceeds 8 hours (28,800 seconds);
6.org.jasig.cas.ticket.support.timeoutexpirationpolicy
It's configured
<bean id= "Grantingticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.TimeoutExpirationPolicy" >
<constructor-arg index= "0" value= "7200000"/> <!--units are in milliseconds--
</bean>
If the mouse is not moved for two hours, the TGT expires;
The expiration policy of St
1.org.jasig.cas.ticket.support.multitimeuseortimeoutexpirationpolicy
It's configured
<util:constant id= "SECONDS" static-field= "Java.util.concurrent.TimeUnit.SECONDS"/>
<bean id= "Serviceticketexpirationpolicy" class= " Org.jasig.cas.ticket.support.MultiTimeUseOrTimeoutExpirationPolicy "
c:numberofuses= "1" c:timetokill= "c:timeunit-ref=" SECONDS "/>
Or
<bean id= "Serviceticketexpirationpolicy"
class= "Org.jasig.cas.ticket.support.MultiTimeUseOrTimeoutExpirationPolicy" >
<constructor-arg index= "0" value= "1"/> <!--Usage--
<constructor-arg index= "1" value= "10000"/> <!--units are in milliseconds--
</bean>
The use of 1 or more than 10 seconds without application will cause the ST to expire;