What if you're logged in more than one application? A redirect from application to application destroying the sessions and finally reaching the CAS server does not seem practical... :)
On Feb 22, 2007, at 11:35 AM, John Fereira wrote: > At 09:35 AM 2/21/2007, Scott Battaglia wrote: >> Any application that has used CAS for authentication is unaffected >> by calling /cas/logout. /cas/logout merely destroys the >> TicketGrantingTicket, preventing further single sign on with that >> session. It will not destroy any client application sessions. > > We just encountered the same issue. Our solution to this was to > create a Logout servlet (running in the application context, not the > CAS context) which does a session.invalidate() on the application, > then forwards to /cas/logout. > > > John Fereira > [EMAIL PROTECTED] > Ithaca, NY > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
