I had noticed the same problem (and so configured `Header add Set-Cookie "DISSESSIONAuthnDelegation=\"\"; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/cas"` in the apache proxy)
But now in 7.1.5, the apache conf is no longer necessary and I get `set-cookie DISSESSIONAuthnDelegation=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/cas; Secure; HttpOnly ` when I logout Le samedi 1 mars 2025 à 03:41:45 UTC+1, Bobby Esfandiari a écrit : > Recently I noticed that CAS would attempt to perform a delegated auth > logout by redirecting to external identity provider, even though the user > was authenticated via our database. > > I have CAS 7.0.4 set up for database authentication as well as delegated > auth to Azure. > > This issue led me to the discovery of the DISSESSIONAuthnDelegation cookie > which if present, seems to cause logouts to go through the delegated auth > flow. Otherwise, things proceed normally. > > I tracked the creation of the cookie to > DelegatedAuthenticationEventExecutionPlanConfiguration.java, but I cannot > find it referenced in the docs. I'm also unable to find any configuration > to clean it up properly. Since it is set to http only, I also cannot > manually remove it using javascript. > > Any help/info would be appreciated. > -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9cecb038-2f02-4287-8e4c-e9b9f17ea111n%40apereo.org.
