Question about single signout
Leena Borle
lsborle at gmail.com
Mon Jan 12 18:40:29 EST 2009
Hi,
In my case, it only invalidates the session of the application which
initiated the /cas/logout. Other applications still keeps the same session.
Difference between these applications is only that the mail application that
calls logout has implemented CAS with Spring security and others have it in
configured in web.xml (CAS-client 3.1.3)
I'm wondering if anything is missing in my configurarion. CAS
documentation says SSO requires just addition of SSO filter in web.xml.
Leena
On Mon, Jan 12, 2009 at 1:27 PM, Andrew Feller <afelle1 at lsu.edu> wrote:
> Leena,
>
> No. When the user goes to the CAS server to logout, the CAS server will
> notify all the applications that requested service tickets and invalidate
> the user's sessions.
>
> A-
>
>
>
> On 1/12/09 2:53 PM, "Leena Borle" <lsborle at gmail.com> wrote:
>
> Hello,
> I have added SSO filter in all web.xml of my application. I want to
> initiate sign-out from only one application. Do I need to invalidate
> sessions in other applications individually before calling /cas/logout?
> Leena
>
> ------------------------------
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> --
> Andrew Feller, Analyst
> LSU University Information Services
> 200 Frey Computing Services Center
> Baton Rouge, LA 70803
> Office: 225.578.3737
> Fax: 225.578.6400
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20090112/8bd0a760/attachment.html
More information about the cas
mailing list