[cas-dev] CAS logout
Scott Battaglia
scott_battaglia at rutgers.edu
Wed Jul 26 08:16:13 EDT 2006
Jennifer,
Did you access the logout page via http or https?
-Scott
Jennifer Yang wrote:
> Hello,
>
> I am trying to implement logout.
>
> I found the following thread, but I am not seeing the same behavior.
> http://tp.its.yale.edu/pipermail/cas/2005-February/001010.html
>
> According to this, hitting /cas/logout should prevent the previously
> authenticated user from accessing another webapp without signing on
> again. Here is what I tried and the behavior.
>
> I have two webapps (using jsp-examples and servlet-examples supplied
> by Tomcat) both setup to use CASFilter.
>
> 1. I enter one of the jsp-examples url in the browser.
> 2. I get JA-SIG login page and I log in successfully.
> 3. I get redirected to the jsp-examples I was trying access in step 1.
> 4. I logoff via /cas/logout and get a JA-SIG "successfully logged off".
> 5. I enter one of the servlet-examples (a different webapp from step
> 1). I expected to get another JA-SIG login page, but I get my
> servlet-examples without being re-authenticated.
>
> Am I missing something?
>
> Also, what is the best way to implement single-sign-out?
>
> Thanks very much!
> --Jennifer
>
>------------------------------------------------------------------------
>
>_______________________________________________
>cas-dev mailing list
>cas-dev at tp.its.yale.edu
>http://tp.its.yale.edu/mailman/listinfo/cas-dev
>
>
More information about the cas-dev
mailing list