[cas-user] Kill all CAS sessions
Hi all, Is there a way to kill all CAS sessions ? I want from an external web application to choose "CLOSE CAS" and update a column in a table and kill all living CAS sessions (all the TGT I think) Thanks in advance, Diego -- View this message in context: http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23024291.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Kill all CAS sessions
We don't allow you to issue a kill command to the CAS server at this moment. Depending on your backing storage, you may be able to implement something specific to your backend. -Scott On Mon, Apr 13, 2009 at 11:55 AM, Diego Benedicto wrote: > > Hi all, > > Is there a way to kill all CAS sessions ? > I want from an external web application to choose "CLOSE CAS" and update a > column in a table and kill all living CAS sessions (all the TGT I think) > > Thanks in advance, > Diego > -- > View this message in context: > http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23024291.html > Sent from the CAS Users mailing list archive at Nabble.com. > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Kill all CAS sessions
Thanks Scott, If I use JPATicketRegistry and I delete all rows in tables: ticketgrantingticket and serviceticket I "kill" all CAS sessions, is it a good solution? scott_battaglia wrote: > > We don't allow you to issue a kill command to the CAS server at this > moment. Depending on your backing storage, you may be able to implement > something specific to your backend. > > -Scott > > > On Mon, Apr 13, 2009 at 11:55 AM, Diego Benedicto > > wrote: > >> >> Hi all, >> >> Is there a way to kill all CAS sessions ? >> I want from an external web application to choose "CLOSE CAS" and update >> a >> column in a table and kill all living CAS sessions (all the TGT I think) >> >> Thanks in advance, >> Diego >> -- >> View this message in context: >> http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23024291.html >> Sent from the CAS Users mailing list archive at Nabble.com. >> >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> scott.battag...@gmail.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > li...@nabble.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- View this message in context: http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23034692.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
Re: [cas-user] Kill all CAS sessions
It is a best solution: for each TGT , a REST request to DELETE cas/tickets/TGTx , so CAS sends logout request for all applications logged with a TGT. Diego Benedicto wrote: > > Thanks Scott, > > If I use JPATicketRegistry and I delete all rows in tables: > ticketgrantingticket and serviceticket I "kill" all CAS sessions, is it a > good solution? > > > scott_battaglia wrote: >> >> We don't allow you to issue a kill command to the CAS server at this >> moment. Depending on your backing storage, you may be able to implement >> something specific to your backend. >> >> -Scott >> >> >> On Mon, Apr 13, 2009 at 11:55 AM, Diego Benedicto >> >> wrote: >> >>> >>> Hi all, >>> >>> Is there a way to kill all CAS sessions ? >>> I want from an external web application to choose "CLOSE CAS" and update >>> a >>> column in a table and kill all living CAS sessions (all the TGT I think) >>> >>> Thanks in advance, >>> Diego >>> -- >>> View this message in context: >>> http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23024291.html >>> Sent from the CAS Users mailing list archive at Nabble.com. >>> >>> >>> -- >>> You are currently subscribed to cas-user@lists.jasig.org as: >>> scott.battag...@gmail.com >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> -- >> You are currently subscribed to cas-user@lists.jasig.org as: >> li...@nabble.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- View this message in context: http://www.nabble.com/Kill-all-CAS--sessions-tp23024291p23035876.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
RE: [cas-user] Kill all CAS sessions
Yes it is possible, and also probed you need to has access to the registry
ticket implementation but there are two possible ways, by
ticketGrantingTicketId, and by username, the first choice is the best I
think, otherwise you should have your own authentication in CAS server and
authorities. Killing sessions by ticketGrantingTicketId may have
authentication in CAS server and authorities but I think that the
ticketGrantingTicketId its has its own security, make your choice.
Take an example, with the two options
public void logoutUserTicket(String ticketGrantingTicketId){
String user = null;
Ticket exp =
ticketRegistry.getTicket(ticketGrantingTicketId);
if(exp != null){
if(exp instanceof TicketGrantingTicketImpl){
user =
((TicketGrantingTicketImpl)exp).getAuthentication().getPrincipal().toString(
);
}
else{
user =
exp.getGrantingTicket().getAuthentication().getPrincipal().toString();
}
}
if(user != null){
logoutUser(user);
}
}
public void logoutUser(String user){
Iterator tickets =
ticketRegistry.getTickets().iterator();
while(tickets.hasNext()){
Ticket next = tickets.next();
if(next instanceof TicketGrantingTicketImpl){
if(((TicketGrantingTicketImpl)next).getAuthentication().getPrincipal().toStr
ing().equals(usuario) ||
(next.getGrantingTicket() !=
null &&
next.getGrantingTicket().getAuthentication().getPrincipal().toString().equal
s(usuario))){
if(!((TicketGrantingTicketImpl)next).isExpired()){
((TicketGrantingTicketImpl)next).expire();
}
if(next.getGrantingTicket() != null
){
if(!next.getGrantingTicket().isExpired()){
next.getGrantingTicket().expire();
}
ticketRegistry.deleteTicket(next.getGrantingTicket().getId());
}
ticketRegistry.deleteTicket(next.getId());
}
}
else
if(next.getGrantingTicket().getAuthentication().getPrincipal().toString().eq
uals(usuario)){
if(!next.getGrantingTicket().isExpired()){
next.getGrantingTicket().expire();
if(next.getGrantingTicket().getGrantingTicket() != null ){
if(!next.getGrantingTicket().getGrantingTicket().isExpired()){
next.getGrantingTicket().getGrantingTicket().expire();
}
ticketRegistry.deleteTicket(next.getGrantingTicket().getGrantingTicket().get
Id());
}
ticketRegistry.deleteTicket(next.getGrantingTicket().getId());
}
ticketRegistry.deleteTicket(next.getId());
}
}
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
