At 09:35 AM 2/21/2007, Scott Battaglia wrote: >Any application that has used CAS for authentication is unaffected >by calling /cas/logout. /cas/logout merely destroys the >TicketGrantingTicket, preventing further single sign on with that >session. It will not destroy any client application sessions.
We just encountered the same issue. Our solution to this was to create a Logout servlet (running in the application context, not the CAS context) which does a session.invalidate() on the application, then forwards to /cas/logout. John Fereira [EMAIL PROTECTED] Ithaca, NY _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
