Hello Ray, Thanks a lot for reply. Yes i am able to access the logoutUrl without being logged-in. May be we wait for the wordpress expert and his advice as to what can be done.
Wish you a nice day ahead. Regards Neha Gupta On Friday, August 3, 2018 at 8:58:08 PM UTC+2, rbon wrote: > > Neha, > > Is it possible that LogoutUrl is protected by CAS? (That is, can you > access LogoutUrl without being logged in?) > Our word press expert is away until at least Tuesday so I will ask how > logout is set up then. > > Ray > > On Fri, 2018-08-03 at 02:22 -0700, Neha Gupta wrote: > > Hello Ray, > > Thanks for the update. > > I have already configured "LogoutUrl" in the service registry but the > problem is that in response i am receiving 302 error with the other URL in > the "Location" header. > When i fire the same logout URL from a new tab then i got logged out from > the wordpress site but when it is done through CAS it is not and reason > for the same is that CAS just fires HTTP POST request once and not again > and again when 302 error is received. > So just want to know whether is there any configuration available in CAS > by which we can redirect CAS to fire HTTP POST this number of times? or how > this can be done. > > Thanks and Wish you a nice weekend ahead. > > Regards > Neha Gupta > > > On Thursday, August 2, 2018 at 6:21:11 PM UTC+2, rbon wrote: > > Neha, > > By default CAS will send the logout to the URL that was used for login. If > Wordpress has a different URL, you can set that in the service definition, > https://apereo.github.io/cas/5.3.x/installation/Logout-Single-Signout.html#slo-requests > > Ray > > On Thu, 2018-08-02 at 02:52 -0700, Neha Gupta wrote: > > Hello Ray, > > Issue is solved with the ASP application. Now when /cas/logout is called > from a new tab, ASP application is also getting logged out. The reason is > certificate as stated by you and some configuration in web.config of ASP > application. After activating debug traces for "org.apache.http" in > "log4j2.xml" came to know about the reason and finally solved. > > Also problem is still there with the Wordpress site. SLO is not working > for it. The reason for the same is that in return of HTTP POST request for > logout is getting response as 302 with other URL in the header field > "Location" and CAS is not sending again HTTP POST request. Is there any > configuration where we can instruct CAS to send HTTP POST request again in > case 302 is received. I am using WP Cassify plugin for integrating > Wordpress site with CAS. > > > Thanks a lot for all your support. > > > Regards > Neha Gupta > > On Tuesday, July 31, 2018 at 5:26:38 PM UTC+2, rbon wrote: > > Neha, > > The debug message looks like CAS is not sending the logout (are the > clients pac4j?). > You have to install the certificate in java keystore. Look into keytool, > which comes with java, to install certificates. > > Ray > > On Mon, 2018-07-30 at 03:01 -0700, Neha Gupta wrote: > > Hello Ray, > > Thanks for the update. > I tried adding below configuration in the "cas.properties" file: - > > cas.httpClient.connectionTimeout=5000 > cas.httpClient.asyncTimeout=5000 > cas.httpClient.readTimeout=5000 > cas.httpClient.truststore.psw=changeit > cas.httpClient.truststore.file="C:\Users\Administrator.IDIV-DEV1\.keystore" > > where this keystore contains the certificates of ASP app but still not > success. I tried putting logs in the "CasLogOff" function present in the > ASP app but it is not getting hit when /cas/logout is called from a new > tab. > > Also in CAS traces i have seen below error. May be this can be the reason. > > 2018-07-26 11:52:36,908 DEBUG > [org.apereo.cas.support.pac4j.web.flow.SAML2ClientLogoutAction] - <The > current client is not a SAML2 client or it cannot be found at all, no > logout action will be executed.> > > > Thanks in advance > > Regards > Neha Gupta > > > On Friday, July 27, 2018 at 6:41:41 PM UTC+2, rbon wrote: > > Neha, > > Try to get some debug information from the clients. > Does the request reach from CAS server to client (curl > https://idiv-dev1:3556/Account/CasLogOff)? > Put debug statements in CasLogOff method. > Check your certificates. Your clients trust CAS (login works) but for > logout, CAS needs to trust your clients. > > Ray > > On Fri, 2018-07-27 at 05:53 -0700, Neha Gupta wrote: > > Hello Ray, > > Firing /cas/logout does not log out the applications and the traces looks > same. > Below is the Logout function present in the ASP application: - > > public void CasLogOff() > { > FormsAuthentication.SignOut(); > DotNetCasClient.CasAuthentication.SingleSignOut(); > } > > and below is the service registry in CAS: - > { > "@class" : "org.apereo.cas.services.RegexRegisteredService", > "serviceId" : "https://idiv-dev1:3556/.*";, > "name" : "BEXIS", > "id" : 10000002, > "description" : "This authorizes the BEXIS service.", > "logoutUrl" : "https://idiv-dev1:3556/Account/CasLogOff";, > "logoutType" : "BACK_CHANNEL", > "evaluationOrder" : 10001 > } > > > when i call URL"https://idiv-dev1:3556/Account/CasLogOff"; in new tab then > i am logged out from CAS as well ASP application as defined in the function > but why cas is not able to make single logout. > I am not able to get what is wrong in the configuration. > > > Regards > Neha Gupta > > > On Thursday, July 26, 2018 at 6:07:47 PM UTC+2, rbon wrote: > > Neha, > > The log says '[2] logout requests were processed'. Perhaps it is your > clients that are not processing the CAS logout correctly. You can go to > /cas/logout in a new tab, CAS log should look the same but are you logged > out of your apps? > > As for the tickets being removed, it could be your ticket store is > returning confusing response or that the ST was removed already (when it > was validated). > > Ray > > On Thu, 2018-07-26 at 07:01 -0700, Neha Gupta wrote: > > Hello CAS Team, > > I have integrated Wordpress site with CAS and i am using WPCassify plugin > for the same. > Now i have another ASP application and integrated it with CAS through > DotNetCasClient. > > Now my Single SignOn is working fine with both the applications i.e if i > login in my wordpress website and go to ASP application then i got > automatically logged into my ASP application but when i logged out from any > of the application then i am not logged out from the other application. > > Attached are the traces of CAS and it seems that CAS is creating some > logout request and finally unable to remove the tickets. I don't have any > idea how to proceed further. > Request you to please help me out > > Thanks in advance. > > > Regards > Neha Gupta > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] > > > -- > Ray Bon > Programmer analyst > Development Services, University Systems > 2507218831 | CLE 019 | [email protected] <javascript:> > > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/879dff6f-e8db-4a69-b239-01a5d6785332%40apereo.org.
