Hi guys,
I'm new to CAS and SSO. I'm developing a system included multiple
applications and I got a problem as bellow scenario:
My system has 2 web applications: APP1 and APP2
I open login form of both APP1 and APP2 on 2 different tab of a browser but
not login yet (eg: Mozilla Firefox)
I enter user name and password on login form of APP1. CAS validate my
inputted account successfully and redirect browser to APP1
Then, I enter another valid account on login form of APP2. CAS also accept
my request and redirect browser to my APP2.
In this case, the CASTGC cookie from CAS server of first account is
overridden, but my APP1 is never know that current login account
corresponding with first login is expired. So, my first account in APP1 is
able to do everything
My question is how make CAS expire the overridden CASTGC cookie and notify
to every service of that account (like logout that account of the
overridden cookie)
Pls give me some suggestions to solve this problem
Thanks and best regards,
--
Nguyen Dao Ngoc Anh (Mr.)
email: harryp...@gmail.com <harryp...@gmail.com>
anh...@live.com
phone: (+84)947265787
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
