About the logoutUrl I said that based on this parts of code: [image: Untitled 2.png] The ticket catalog error needs more details, so set cas.log.level to debug or trace for more details.
The configuration is *cas.logout.follow-service-redirects*, and the default value is false, but I think it's working if you send the request to default /logout url. On Tuesday, November 14, 2023 at 5:25:48 PM UTC+3:30 Udo Einspanier wrote: > I also tried to always redirect to the same URL using redirect-url in the > configuration, but this does not work eithr and shows the some logout page > as before: > > cas: > logout: > followServiceRedirects: false > removeDescendantTickets: true > redirect-url: "https://..."; > > > > On Friday, November 10, 2023 at 8:56:25 AM UTC+1 Meysam Shirazi wrote: > >> Hi Udo >> Change *cas.log.level* to *debug *or make org.apereo.cas.oidc log level >> to trace to see what happening. >> common reason is post_logout_redirect_uri does not match service, means >> post_logout_redirect_uri is not define as logoutUrl or matching service id >> in your service definition. >> >> >> On Friday, November 10, 2023 at 10:29:33 AM UTC+3:30 Udo Einspanier wrote: >> >>> Hi Meysam, >>> >>> thanks for the quick reply. Yes, id_token_hint is part of the URL, I >>> just left it out for brevity but should have included it. So here is the >>> URL from CAS OIDC logout page with all parameters: >>> >>> >>> https://.../cas/oidc/oidcLogout?id_token_hint=...&post_logout_redirect_uri=https://... >>> >>> But still no redirect from CAS to post_logout_redirect_uri. >>> >>> Any other ideas? >>> >>> Thanks, >>> Udo >>> >>> On Friday, November 10, 2023 at 3:41:42 AM UTC+1 Meysam Shirazi wrote: >>> >>>> It needs idToken in id_token_hint url parameters) that contains >>>> clientId, it can be the same id token that be retrieved in login process. >>>> On Thursday, November 9, 2023 at 4:20:04 PM UTC+3:30 Udo Einspanier >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> we have CAS 6.6 as OIDC provider. When our client initiates logout, it >>>>> goes to >>>>> https://.../cas/oidc/oidcLogout?post_logout_redirect_uri=https:/... >>>>> >>>>> In the YAML configuration we have: >>>>> >>>>> cas: >>>>> logout: >>>>> followServiceRedirects: true >>>>> removeDescendantTickets: true >>>>> >>>>> I would expect CAS to redirect to the URL in parameter >>>>> post_logout_redirect_uri, but instead >>>>> shows a logout page titled "Logout successful" where the user can >>>>> click on the logout URL >>>>> specified in the logout request. >>>>> Is there some additional setting required for OIDC, or are we missing >>>>> something to allow automatic >>>>> redirect without user interaction? >>>>> >>>>> Thanks and best regards, >>>>> Udo >>>>> >>>>> >>>>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c9db435a-488a-4a04-949a-7ff4fe5f4282n%40apereo.org.
