Just to update with more findings. This not sending back-channel logout to all services behavior only happens with Basic Authentication. When I restored the configuration to use form authentication, CAS server did send back-channel logout to all services. If any one has any inside on this, please help. I did struggle with configuring CAS server to use Basic Authentication earlier. I ended up adding the cas-server-support-basic.jar, created a simple JSP to do the Basic Authn challenge and simply substituted the "casLoginView" with this new JSP w/o changing anything else. Not sure if this is a complete configuration for Basic Authentication - there's virtually no doc on this.
Gang On Friday, February 10, 2017 at 12:11:43 PM UTC-5, Gang Yang wrote: > Hi, > > I've just upgraded our CAS server from 3.3.1 to 4.2.7. When testing with > Single Logout, I found that CAS 4.2.7 no longer send the back-channel > logout POST request to all logged-on webapps any more. From the CAS 4.2 > document, I thought sending bach-chennel logout to all webapps is the > default behavior. Is it not? > > I used the CAS war template to build my 4.2.7 CAS server war with only two > added dependencies, cas-server-support-basic and cas-server-support-saml. > Did I miss anything for the default single logout behavior? Do I need to do > any further configuration? I did not for earlier version of CAS 3.3.1. > > Appreciate any help and pointers. > > Gang > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/edd49476-eee7-408e-affe-2241b6696891%40apereo.org.
