In addition to the filter configuration, you need the following in your application web.xml:
<listener> <listener-class> org.jasig.cas.client.session.SingleSignOutHttpSessionListener </listener-class> </listener> Much more valuable than the access log is your application log. The org.jasig.cas category will emit a DEBUG message like the following if it correctly receives the SAML logout assertion sent by the server: 2009-01-07 16:16:20,229 DEBUG [org.jasig.cas.client.session.SingleSignOutHttpSessionListener] Removing HttpSession: sPt6tRJloLpInuAg7o0lWg** Hope that helps, M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
