You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by raj <ra...@clarologic.com> on 2001/11/07 13:11:40 UTC
The SingleSignOn rule
The Catalina documentation on hosts says:
"As soon as the user logs out of one web application (for example, by
invalidating or timing out the corresponding session if form based login
is used), the user's sessions in all web applications will be
invalidated. Any subsequent attempt to access a protected resource in
any application will require the user to authenticate himself or herself
again."
If I have two servlets
- servlet A with session time out of 10 mins.
- servlet B with a session timeout of 30 mins.
If user accesses both A & B, after 11 min.of idle time, user will be
asked to login again, when trying to access servlet B.
Have I understood this correctly?
Cheers
-raj
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>