Hi Bill, Thank you for the response. I have removed all the applications and i checked with the plain CAS 3.5.1 deployed in the server. My observation showed me a strange occuerence:
1) I can see 2 CASTGC cookies with same name and value getting added in the browser with the only difference in the cookiepath - one set with /cas-server-webapp-3.5.1 and the other /cas-server-webapp-3.5.1/ (please note the / appended). Debugging the code shows that the CAASTGC with the / appended is the only one getting added. I cannot figure how the other gets added. 2) Calling logout shows me that there is a CASTGC cookie deleted in the browser ( monitoring through cookie manager addon) but immediately i see the cookie with /cas-server-webapp-3.5.1(one with no / appended) path still unremoved. What can be the root cause. i am unable to find how this gets added again. Please let me know how to troubleshoot and close this issue. Thanks, Mckenzie On Fri, Jan 4, 2013 at 7:34 PM, William G. Thompson, Jr. <wgt...@gmail.com> wrote: > On Fri, Jan 4, 2013 at 12:02 AM, Mckenzie J <mck2...@gmail.com> wrote: >> Hi, >> >> We are trying to implement Single Sign On for our applications with a CAS >> server for authentication. The CAS server is setup on a different domain and >> the applications are in different domains. We face an issue with the logout >> functionality. >> >> 1) The CAS TGC cookie that gets set in the browser is not getting removed on >> calling of logout from CAS , though the TGT is destroyed in the server side >> as seen in the logs. Does CAS remove this from browser as well or it is the >> responsiblity of the user to manually remove the cookie. > > Yes, a visit to /cas/logout should destroy the TGT as well as remove > the TGC cookie. > >> >> 2) Because of this issue, we are forced to close all instances of browsers >> which were open prior to the logout of CAS (including those that are not >> related to the CAS accessing sessions, say a browser where user is accessing >> internet) to be closed , in order to attempt for a fresh login. This is not >> an ideal scenario for users as this prevents multi tasking of users. Are we >> missing anything. > > Even if the TGC was left around for some reason, when the TGT is > destroyed on the server the CAS WebSSO session is effectively ended. > > I suspect you may be getting application sessions and CAS WebSSO > sessions mixed up. > > Best, > Bill > >> >> Any pointers or guidance to this can help us resolve this issue. >> >> Thanks, >> Mckenzie >> -- >> You are currently subscribed to cas-dev@lists.jasig.org as: wgt...@gmail.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: mck2...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
