I am using alfresco default web script to get a ticket for a user but i am not sure till when this obtained ticket is valid.
Also i am extracting ticket is from obtained XML response of alfresco default login web script.
Does a ticket has any expiry date or once a ticket is obtained, it will not expire till session expiry?
The best way to handle alfresco authentication tickets is to handle it manually. E.g. for getting a ticket, use OOTB web script.
http://localhost:8080/alfresco/service/api/login?u=admin&pw=admin
which return ticket such as TICKET_29ced6613a114294fa4bb9e67bf663112076f3d9 (needs to be extracted).
Now when using this ticket for any kind of operation, try to verify ticket validity using OOTB alfresco web script.Note that this is a HTTP GET method based web script
GET /alfresco/service/api/login/ticket/{ticket}
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_29ced6613a114294fa4bb9e67bf663112076f3d9?alf_ticket=TICKET_29ced6613a114294fa4bb9e67b663112076f3d9
Thing to note here is that you need to authenticate this web script also by appending ?alf_ticket={ALFRESCO_TICKET} without which it will not work.
Finally when you are done with your things, always log out using OOTB alfresco logout web script. Note that this is a HTTP DELETE method based web script
DELETE /alfresco/service/api/login/ticket/{ticket}).
http://localhost:8080/alfresco/service/api/login/ticket/TICKET_29ced6613a114294fa4bb9e67bf663112076f3d9?alf_ticket=TICKET_29ced6613a114294fa4bb9e67bf663112076f3d9
Again you need to authenticate this web script also by appending ?alf_ticket={ALFRESCO_TICKET} without which it will not work.
This way you can ensure proper authentication as well as system will not be overburdened with stale tickets.
P.S. http://wiki.alfresco.com/wiki/Repository_RESTful_API_Reference#Logout