Hi Pierre, I am not a CAS expert, but having gone through this recently, there are a couple of things that I would suggest looking at, which helped us get this resolved:
1) Do you have the SingleSignOutFilter in your filter chain in your web.xml? And is it being applied to the right url-pattern, to match the URL that will be called? 2) The single sign-out call is made to the same URL that the validation request came from; if your validation ticket is granted for the service http://www.foo.com/bar/, then CAS will make a call to http://www.foo.com/bar/ with the appropriate POST parameters to trigger the SingleSignOutFilter. I would suggest checking the access logs for the target application to confirm that it receives this logout request. 3) Have you done any customization to your CAS installation to do anything funky? In our case, we had muddled with the service URLs in the tickets to get around some network/firewall issues we were having, which caused the session identifiers not to match up properly when our app received the logout call. Hope this helps! Joe Robins Managing Director, Application Development Teach For America Email: [email protected] Phone: 212-279-2080, x11326 >One day, all children in this nation will have the opportunity to attain an >excellent education. http://www.teachforamerica.org/ -----Original Message----- From: Pierre Brun [mailto:[email protected]] Sent: Friday, February 04, 2011 5:16 AM To: [email protected] Subject: [cas-user] CAS server, SSO, logout Hi, i have some trouble with CAS SSO. -> i use a Portal as proxy, i login on it. -> i request PT (proxy ticket), to login automatically on other web application. -> All works until here. -> i logout on portal or directly with cas/logout url. My other application who loggin by PT, are not notify by CAS about the logout. It's a bug or it's normal ? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ____________________________________________ This communication and any file transmitted with it may contain information that is confidential, privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are hereby notified that any use, dissemination or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender. Thank you for your cooperation. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
