No the cookie sent does not have a path . i rechecked or domain. there is no typo:(
On Wed, Dec 19, 2012 at 6:00 PM, Scott Battaglia <scott.battag...@gmail.com> wrote: > According to this your cookies have two different paths: > > CASTGC > TGT-8-nnnUWE4IytFrwJX6LZfmSHu3RF7CmBewwEJPOohCtexzRnTLAQ-cas01.example.org > /cas-server-webapp-3.5.1 End Of Session > > CASTGC "" /cas-server-webapp-3.5.1/ Thu, 01-Jan-1970 00:00:10 GMT > > Their paths should have been constructed the same way. Is that a typo on > your end? > > > > On Wed, Dec 19, 2012 at 1:12 AM, Mckenzie J <mck2...@gmail.com> wrote: >> >> Hi, >> >> We are successfully able to logout of CAS . But We are in the process of a >> seamles redirection of the CAS logout to the application again. We are also >> able to achieve this as configuring the url parameter of the /cas/logout >> pointing to the application URL. >> >> Our spring has been configured with the service URL as >> https://APPURL/j_spring_cas_security_check for ServiceProperties and refered >> by the casProcessingFilterEntryPoint.So the request is further redirected to >> the CAS Loginpage configured as the loginurl in the spring.xml. >> >> A strange thing i notice is with the cookies in the Http Fox that shows >> calling of the /cas/logout as below >> Cookie sent : >> >> CASTGC >> TGT-8-nnnUWE4IytFrwJX6LZfmSHu3RF7CmBewwEJPOohCtexzRnTLAQ-cas01.example.org >> End Of Session >> >> Cookie Recieved: >> >> CASTGC >> TGT-8-nnnUWE4IytFrwJX6LZfmSHu3RF7CmBewwEJPOohCtexzRnTLAQ-cas01.example.org >> /cas-server-webapp-3.5.1 End Of Session >> >> CASTGC "" /cas-server-webapp-3.5.1/ Thu, 01-Jan-1970 00:00:10 GMT >> >> CASPRIVACY "" /cas-server-webapp-3.5.1/ Thu, 01-Jan-1970 00:00:10 GMT >> >> There is a redirect to /login Page of CAS after this ,which shows >> existence of the CASTGC cookie still in the browser, which ideally should >> not be. I am not sure why this redirection to /login page happens and also I >> suppose this might be a cause of issue. To trace the flow , I debugged CAS >> and I could see the following exception >> java.lang.IllegalStateException: No active FlowSession to access; this >> FlowExecution has ended >> >> It looks like the InitialFlowSetupAction is either not setting the >> configured service in Flowscope or there is some problem due to the call of >> /login page which interrupts the flow. >> >> I am looking for the solution for the following: >> >> 1. Is there any workaround so that i need not close my browser after >> logging out, which will givem a seamless experience. >> >> 2. Does the LogoutController invoked at call of /logout clear the cookies >> even in the browser side as well. if so what is that i am missing which >> makes me see the cookie still there. >> >> Please provide guidance. I have attached the spring config we are using. >> If there needs any change please suggest. >> >> Thanks, >> Mckenzie >> >> >> >> Regards, >> Mckenzie >> -- >> You are currently subscribed to cas-dev@lists.jasig.org as: >> scott.battag...@gmail.com >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > mck2...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
