Thx Marvin,
However in my case application is having multiple WAR(s) in each
tomcat, the user is exposed only one URL and each WAR is having its own
context. Each WAR authenticates against CAS. If each WAR is having its own
context then CAS will post logout request to each individual WAR. (correct ?) .
With clustering the HttpSession clearing from the other tomcat will be taken
care of ( correct ?) .
--ALok
-----Original Message-----
From: Marvin Addison [mailto:[email protected]]
Sent: Monday, September 21, 2009 1:31 PM
To: [email protected]
Subject: Re: [cas-user] CAS logout
> Both the tomcat applications is the same, so when theĀ CAS callback for
> clearing the HttpSession occurs only one of the HttpsSession will be cleared?
Yes, in your clustering configuration. Additionally, the node that
handles the CAS LogoutRequest message may not be the one holding the
session. (The LogoutRequest is sourced from CAS, not the client, so
sticky sessions won't help.) The most straightforward solution to
this limitation is to enable Tomcat session clustering.
M
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
