Sure, where do I look for the redirect? In case it helps figure out what's going on, this is the sequence of URLs I am accessing:
1) Try to go to myApp/app/home.jsp (a secure page) - it gets redirected to https://mysSvr:8443/cas/login?service=https%3A%2F%2FLCEIT1664%3A8443%2FmyApp%2Fj_spring_cas_security_check 2) I enter the credentials and it goes to https://mySvr:8443/myApp<https://mysvr:8443/myApp> (the fix you gave me earlier by setting alwaysUseDefaultTargetUrl="false" worked once, but no longer after restarting the server). But at this point I see the user info and roles in the session. 3) I again go to myApp/app/home.jsp - this time it displays, since I'm already authenticated. 4) I do https://mySvr:8443/cas/logout<https://mysvr:8443/cas/logout> - it displays the CAS logout page - no redirection happens - it does log out of CAS. 5) I go to myApp/app/home.jsp again - it displays, with user info and roles, apparently still logged in through Spring Security. 6) I go to myApp/app/, it has lost the credentials. After doing the Single Sign Out configuration, the impression that I get is that once I logout in CAS it will only clear the Spring Security credentials if I navigate through the one URL listed in the Single Sign Out configuration, but CAS does not redirect me to that URL. ________________________________ From: Scott Battaglia [mailto:scott.battag...@gmail.com] Sent: Tuesday, February 17, 2009 12:53 PM To: cas-user@lists.jasig.org Subject: Re: [cas-user] Spring Security & CAS logout -- You are currently subscribed to cas-user@lists.jasig.org as: bruno.mell...@chickasaw.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
