Hi Marvin, I am pretty confident about my web.xml, but I will check it again. Here is a shortened version of my web.xml file:
<?xml version="1.0" encoding="UTF-8"?> > <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns=" > http://java.sun.com/xml/ns/javaee" xmlns:web=" > http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation=" > http://java.sun.com/xml/ns/javaee > http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5"> > <display-name>app2</display-name> > <welcome-file-list> > <welcome-file>app2.html</welcome-file> > </welcome-file-list> > <filter> > <filter-name>CAS Single Sign Out Filter</filter-name> > > <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> > <init-param> > <param-name>artifactParameterName</param-name> > <param-value>SAMLart</param-value> > </init-param> > </filter> > <filter-mapping> > <filter-name>CAS Single Sign Out Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <listener> > > <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> > </listener> > <listener> > > <listener-class>com.app2.server.guice.GuiceServletConfig</listener-class> > </listener> > <filter> > <filter-name>CAS Authentication Filter</filter-name> > > <filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://casserverIP/login</param-value> > </init-param> > <init-param> > <param-name>service</param-name> > <param-value>http://app2serverIP/app2</param-value> > </init-param> > </filter> > <filter-mapping> > <filter-name>CAS Authentication Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <filter> > <filter-name>CAS Validation Filter</filter-name> > > <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://casserverIP</param-value> > </init-param> > <init-param> > <param-name>service</param-name> > <param-value>http://app2serverIP/app2</param-value> > </init-param> > <init-param> > <param-name>redirectAfterValidation</param-name> > <param-value>true</param-value> > </init-param> > <init-param> > <param-name>tolerance</param-name> > <param-value>500000</param-value> > </init-param> > </filter> > <filter-mapping> > <filter-name>CAS Validation Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <filter> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > > <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> > </filter> > <filter-mapping> > <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <filter> > <filter-name>CAS Assertion Thread Local Filter</filter-name> > > <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> > </filter> > <filter-mapping> > <filter-name>CAS Assertion Thread Local Filter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <filter> > <filter-name>guiceFilter</filter-name> > <filter-class>com.google.inject.servlet.GuiceFilter</filter-class> > </filter> > <filter-mapping> > <filter-name>guiceFilter</filter-name> > <url-pattern>/*</url-pattern> > </filter-mapping> > <!-- servlets and servlet mappings --> > </web-app> If you notice something wrong at a first glance, let me know please. Could Guice be somehow messing with CAS client? About the network environment, I'm not really responsible for it currently, could you give a hint of where to look? I mean, what could possibly cause single sign out to fail when single sign on works? Appreciate your help. 2012/12/4 Marvin Addison <marvin.addi...@gmail.com> > You're missing the output that indicates the SingleSignOutFilter is > receiving the LogoutRequest message sent from the CAS server. I'd > recommend you review your servlet config (web.xml) and also review > system/networking environment. > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user