Just getting in the discussion... Creating a session for logout is not required, I found out that our custom CAS implementation has a session="false" in the logout page. Though, the session is required for the login page...
+1 for this optimization -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
