Xuejin, Whenever an application using the SSO expires a users' session, it doesn't make sense that the application forces the user to logout of the SSO. The application should either increase its session timeout to be that of the SSO timeout or store the session information in something that survives reboot.
HTH, A- -- Andrew Feller, Analyst LSU University Information Services 200 Frey Computing Services Center Baton Rouge, LA 70803 Office: 225.578.3737 Fax: 225.578.6400 -----Original Message----- From: Xuejin Ruan [mailto:[email protected]] Sent: Fri 6/12/2009 6:16 PM To: [email protected] Subject: Re: [cas-user] How to sign out of CAS when spring security app session timeout? oh well, I think I get it working. I set followServiceRedirects="true" in logoutController in cas-servlet.xml. And then in the custom filter I wrote, when session timeout was detected, it will be redirect to cas logout url, with current requestURL appended as service url. Xuejin Ruan wrote: > > I have an application implementing Spring Security. In web.xml, I set up > HttpSessionEventPublisher listener, and configures session timeout as 5 > minutes. When the application times out, how do I invalidate CAS single > sign on session to force the user to relogin? > > I have tried to create a customized filter, which will redirect the user > to cas logout link when the application times out. However, it doesn't > work as I expected. Can anyone tell me how to do backend logout of CAS, > instead of redirect url to cas logout page? > -- View this message in context: http://www.nabble.com/How-to-sign-out-of-CAS-when-spring-security-app-session-timeout--tp24006847p24007413.html Sent from the CAS Users mailing list archive at Nabble.com. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
