Okay for Session Management. Is understood and will do some monitoring to 
actually SEE this in real time (SEE the session corresponding to webflow and 
their contents, SEE the session corresponding to SSO and their content). I am 
planning to do jconsole. If you have any other suggestion feel free to propose.

Regarding SLO, having Load Balancing with cookie sticky session would be then 
enough to get the whole scenario covered? (okay, despite the fact of 
implementing properly the callback mechanism).

Rgds,

javier


-----Original Message-----
From: jleleu [mailto:lel...@gmail.com]
Sent: Thu 6/21/2012 1:49 PM
To: cas-dev@lists.jasig.org
Subject: RE:[cas-dev] CAS Session management
 
Hi,

In CAS server, you have two kinds of session:
- the first one is the web session, which is linked to the internal webflow and 
is necessary for the login process: it's the HTTP session
- the second one is the SSO session, which stores the association between the 
CASTGT cookie (a hash) and your SSO identity (after authentication): it has 
nothing to do with the HTTP session and can be stored in EHCache, in memory, in 
database, in memcached...

Regarding SLO, deleting the CASTGC cookie or even the association between the 
CASTGC cookie and the user identity is not sufficient as security contexts 
already exist on the applications the user has already browsed. The CAS server 
has to notify applications to destroy web sessions associated to the user who 
wants to log off. So far, it's done with an HTTP back channel as Bill said, 
but it's a complicated issue to address if clustered applications need session 
affinity through cookie for example.

Hope it helps your understanding.

Best regards,
Jérôme

-- 
You are currently subscribed to cas-dev@lists.jasig.org as: jfradile...@k12.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev
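
An added illustration (not part of the thread and not CAS project code) of the clustering issue raised above: the single-logout POST is sent by the CAS server rather than the browser, so it carries no affinity cookie and can reach a node that does not hold the user's web session. The `Store` and `Node` classes, the ticket and session values, and the shared-store variant are assumptions made for this sketch; the sample message follows the CAS logout request layout (a `samlp:LogoutRequest` whose `SessionIndex` is the service ticket).

```python
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample of the logout message the CAS server POSTs to a service.
LOGOUT_REQUEST = (
    f'<samlp:LogoutRequest xmlns:samlp="{SAMLP}" ID="LR-constructed" Version="2.0">'
    "<samlp:SessionIndex>ST-1-constructed</samlp:SessionIndex>"
    "</samlp:LogoutRequest>"
)

def session_index(logout_request_xml):
    """Return the service ticket named in the logout request, or None."""
    # A production handler should parse with a hardened XML parser.
    node = ET.fromstring(logout_request_xml).find(f"{{{SAMLP}}}SessionIndex")
    return node.text.strip() if node is not None and node.text else None

class Store:
    """Session state: local to one node, or shared by the whole cluster."""
    def __init__(self):
        self.sessions = {}   # web session id -> user
        self.by_ticket = {}  # service ticket -> web session id

class Node:
    """One application server behind the load balancer (hypothetical)."""
    def __init__(self, store):
        self.store = store

    def login(self, ticket, session_id, user):
        # Remember which web session was opened with which service ticket.
        self.store.sessions[session_id] = user
        self.store.by_ticket[ticket] = session_id

    def back_channel_logout(self, logout_request_xml):
        """Destroy the session tied to the ticket; True if one was found."""
        sid = self.store.by_ticket.pop(session_index(logout_request_xml), None)
        return sid is not None and self.store.sessions.pop(sid, None) is not None

def simulate(shared):
    """Login lands on node A; the CAS logout POST lands on node B."""
    common = Store()
    node_a = Node(common if shared else Store())
    node_b = Node(common if shared else Store())
    # Browser traffic carries the sticky cookie, so the login stays on node A.
    node_a.login("ST-1-constructed", "sess-42", "alice")
    # The back-channel POST has no sticky cookie; assume the balancer picks B.
    handled = node_b.back_channel_logout(LOGOUT_REQUEST)
    return handled, "sess-42" in node_a.store.sessions
```

`simulate(False)` models node-local session state, where node B cannot find the session and it stays alive on node A; `simulate(True)` models a cluster-wide ticket-to-session store, where the logout succeeds whichever node receives it.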

