Thanks for the link to that thread. I haven't had much luck searching
the archive so far, but this gives me some leads.
I was actually leaning towards modifying the CAS Single Sign Out filters
to make them aware of the other JVMs and invalidating each of them.
The idea I plan to use is to modify one of the CAS sign on filters to
write the ticket id to a file on the server. My custom sign-on filters
(used for authorization, demographic data loading to session, etc) will
check for that file before allowing the user into the application. I
will then modify the CAS single sign out filter to remove this file when
it receives the single sign out message. Since this file is shared
server wide, each JVM will check for that file when the sign-on filters
run to validate the user is actually logged in.
This is my plan, now to make it work...
Thanks,
Chad
On 4/9/2010 8:50 AM, Marvin Addison wrote:
When the single sign out message comes in, it
depends which JVM handles that request as to which application(s) will
actually get logged out. Only application that have session in the JVM will
be logged out.
You've described a particular flavor of the clustered CAS client
scenario, and we've discussed solutions to this recently. As Scott
said it's not supported at present, but there are solutions depending
on your deployment scenario. There are lots of threads on cas-user
and cas-dev lists where we discuss options;
http://n4.nabble.com/Problem-with-sessions-td1690919.html is one of
the better ones.
M
--
------------------------------------------------------------------------------
Chad M Wittrock ([email protected])
Systems Analyst/Web Apps
University of Northern Iowa
(319) 273-7437
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
