Ben, Likely, you also have some kind of PHP session for the application.
=> Generally speaking, logging out of CAS SSO does *NOT* log you out of any application sessions. <= So you might want to clear any normal PHP session prior to calling `phpCAS::logout()`. Thanks, Carl Waldbieser ITS System Programmer Lafayette College ----- Original Message ----- From: "Benjamin Cherian" <benjamin.cher...@villanova.edu> To: cas-user@lists.jasig.org Sent: Thursday, February 19, 2015 9:28:51 AM Subject: [cas-user] Logout using phpCAS We have a vendor using phpCAS to implement SSO with our CAS server. They created a custom login page to handle CAS. Login works fine, but logout is currently an issue. Currently when we logout, phpCAS::logout() is called and we are redirected to the CAS logout page. When I try to go to any URL within the application, I'm not logged in. When I go to another CAS enabled application, I am not logged in. But when I go back to the custom CAS login page, I am logged back in without being prompted for login credentials. No interaction occurs between the application and the CAS servers, so it is all within the client and the application at this point of re-entry. Is this acceptable behavior for CAS, or is there something more that needs to be done to be fully logged out of the application? Thanks, Ben -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user