Hi, currently I've implemented delegated authentication using CAS 5.2.3
with other apps for external IDP logins, i.e. ADFS, OKTA etc. When the
user clicks on an app which is integrated with CAS SSO, they pass a param
called idp=adfs, and when the user logs out from app1 it will go to logout
to re-login again; in that case I want to add the idp param back to the
login URL. Basically, when the user re-logs in I want to delegate to ADFS
login.

For example:

1) User clicks on https://localhost:8443/app1?idp=adfs

2) It will redirect to https://localhost:8443/cas/login?idp=adfs

3) CAS will delegate authentication to ADFS and successfully log in to
https://localhost:8443/app1

4) User clicks the logout link on app https://localhost:8443/app1, which
will redirect to https://localhost:8443/cas/logout.

After this, on the logout page the user can click the login again link; in
that case it will redirect to https://localhost:8443/cas/login, but I want
to add the idp=adfs param back, which came originally from the initial
request, so that it can delegate to ADFS if the user doesn't close the
browser and re-logs in. I can change each app to use
https://localhost:8443/cas/logout?idp=adfs and take that param and send it
to https://localhost:8443/login?idp=adfs.

But there are many apps I need to change; is there any easy way to achieve
this on the CAS side? Or what's the best practice to handle app-specific
logout? This is not a global logout from the IDP, just logged out of CAS
and other SSO apps, but the user is still active on the IDP side.

Thanks
Rao.








