문제

I have an environment with a cas server and any java clients. I'm facing a problem with single logout with all clients, because, the client do a redirect to path /cas/logout and only this session is logged out. The ticket inside the cookie CASTG is cleaned up, but the user yet can access other applications, but, when the client try access the application that user did redirect to /cas/logout, the cas server asks user credentials.

According I saw when you do a request to a /cas/logout this works like a chain, where CAS server do sign out one by one.

Obviously is a configuration problem, but, I'm not able to find it.

Important: When a user do a request to cas/logout two cookies are deleted, CASTGC and CASPRIVACY

도움이 되었습니까?

해결책

Indeed, the CAS server should send logout requests to all applications the user has accessed when you call /cas/logout, in addition to the deletion of its own cookies (CASTGC and CASPRIVACY). The property managing that is: https://github.com/Jasig/cas/blob/master/cas-server-webapp/src/main/webapp/WEB-INF/cas.properties#L75...

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top