On Tue, Feb 17, 2009 at 12:38 PM, Bruno <[email protected]> wrote:
> If I understood your answer then once an app is using CAS, you cannot > logout from ONLY that app, while remaining logged on to the others. That's > OK, but I'd like to make sure I understood correctly. Is that how it works? Yes, you can log out from one app. But that decision is local to your application. It doesn't involve CAS at all. Note however, that with single sign on, if they try and access an application they just logged out of, they will be logged back in. > > > Also, I still need to be able to logout from BOTH Spring Security and CAS > simultaneously. Right now, depending on which URL I use I am getting logged > out from only one of them. Was I supposed to pass a logout callback URL > somehow? There's a difference between logging out of a local application and logging out of CAS. Logging out of your local application kills your local session and doesn't involve CAS at all. Logging out of CAS kills your CAS single sign on session. It has the side affect of attempting to call back to every application the person logged into during that session and letting them know the session ended. But one can be logged out of their CAS session and still be logged into the local application if that application failed to acknowledge the CAS logout request. -Scott > > > Thanks, > > b. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
