Check your firewall settings, etc. to see if your outgoing call is being blocked.
On Tue, Jul 7, 2009 at 5:14 PM, Xuejin Ruan <[email protected]> wrote: > > Hi all, > > I have a couple applications implementing Single Sign Out solution. When > CAS > Server and CAS clients running on the same box, everything works as > expected. When I log off one applcation, it also logs off another > application. However, when I put them in distributed environment, Single > Sign Out doesn't work correctly. > > I am running cas-server-3.3.3 in boxA, and I have a Spring Security > application (app1) running on boxB using cas-client-3.1.6, and another > Spring Acegi application (app2) using cas-client-3.1.6 also on boxB. I > have > configured Single Sign Out filter and listener in web.xml file for both > apps > (http://www.ja-sig.org/wiki/display/CASC/Configuring+Single+Sign+Out). For > app1, I defined logout-success-url as "https://casserver:8443/cas/logout";; > and for app2, I have customed code to invalidate session variable and then > redirect to "https://casserver:8443/cas/logout"; upon logout. Single Sign > On > works correctly for both apps. However, if I have both app1 and app2 > running, when I logout of app1, app1's session was invalidated, it logout > of > app1 and logout-success-url was correctly displayed. But I can still browse > app2 without being challenged for credentials. The same thing happens if I > logout of app2, app1 seems still running fine. > > From what I have learned, for a Spring Security application, when user > click > the following link to logout: > '<c:url value="../j_spring_security_logout" '>Logout > it will invalidate user's session, and then it will be redirected to > logout-success-url defined in the xml config file. Then cas server will > send > out a request to other applications to destroy cache entry contraining the > corresponding service ticket. I don't have a very deep understanding about > this process. It seems to me that when app1 logout, and triggers cas server > to logout, it seems app2's SingleSignOutHttpSessionListener is not really > listening to the request sent out by cas server. Can someone correct me if > I > am wrong? > > Is there any configuration that I am missing? Please help! Another thing I > don't understand is, why it works with no problem when CAS server and > client > applications are in the same box same tomcat server? > > Thanks, > > Xuejin > -- > View this message in context: > http://www.nabble.com/Single-Sign-Out-problem-tp24381456p24381456.html > Sent from the CAS Users mailing list archive at Nabble.com. > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
