Hi, I have a problem with single sign out too. When i use a SSL offload server (in my case, i use nginx) in front of CAS server (jetty), i cant logout anymore. Do i have to add any config to CAS to place it behind a SSL offload server ?
Thank you On Thu, May 27, 2010 at 4:24 PM, João Galaio da Silva < [email protected]> wrote: > Hi, after upgrade to version 3.1.10 i also got the single sign out to work. > > Thanks for your time. > > Cheers, > Galaio > > > > > On Wed, May 26, 2010 at 9:27 PM, João Galaio da Silva < > [email protected]> wrote: > >> Hi scott, i will try it. >> >> Thanks, >> João >> >> >> On Wed, May 26, 2010 at 8:31 PM, Scott Battaglia < >> [email protected]> wrote: >> >>> Any reason you didn't go with 3.1.10? >>> >>> >>> On Wed, May 26, 2010 at 3:28 PM, João Galaio da Silva < >>> [email protected]> wrote: >>> >>>> After some tests i got sign out to work downgrading from client version >>>> 3.1.7 to 3.1.3. >>>> Do you thing there is some bug in client 3.1.7? >>>> >>>> I didn't test yet the other client version between 3.1.3 and 3.1.7. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Wed, May 26, 2010 at 5:28 PM, João Galaio da Silva < >>>> [email protected]> wrote: >>>> >>>>> To test this without the stress caused by the certificates. I placed >>>>> the casserver and client in the same computer. Both >>>>> using the same certificates. >>>>> I call the logout and now i get no errors. But if i call the servlet >>>>> where i'm doing the tests, i'm still logged. >>>>> Its necessary to capture something in the request from the servlet and >>>>> take further actions? >>>>> >>>>> Below is my webapp content: >>>>> >>>>> <?xml version = '1.0' encoding = 'windows-1252'?> >>>>> <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"; >>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>> xsi:schemaLocation="http://java.sun.com/xml/ns/j2eeweb-app_2_4.xsd";> >>>>> <description>Empty web.xml file for Web Application</description> >>>>> >>>>> >>>>> <context-param> >>>>> <param-name>serverName</param-name> >>>>> <param-value>https://galaio:8443</param-value> >>>>> </context-param> >>>>> >>>>> <filter> >>>>> <filter-name>CAS Single Sign Out Filter</filter-name> >>>>> >>>>> <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> >>>>> </filter> >>>>> >>>>> <filter-mapping> >>>>> <filter-name>CAS Single Sign Out Filter</filter-name> >>>>> <url-pattern>/AuthenticationHandler</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> <listener> >>>>> >>>>> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> >>>>> </listener> >>>>> >>>>> <filter> >>>>> <filter-name>CASAuthenticationFilter</filter-name> >>>>> >>>>> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> >>>>> <init-param> >>>>> <param-name>casServerLoginUrl</param-name> >>>>> <param-value>https://galaio:8543/cas/login</param-value> >>>>> </init-param> >>>>> <init-param> >>>>> <param-name>renew</param-name> >>>>> <param-value>false</param-value> >>>>> </init-param> >>>>> <init-param> >>>>> <param-name>gateway</param-name> >>>>> <param-value>false</param-value> >>>>> </init-param> >>>>> </filter> >>>>> >>>>> <filter> >>>>> <filter-name>CASValidationFilter</filter-name> >>>>> >>>>> <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class> >>>>> <init-param> >>>>> <param-name>casServerUrlPrefix</param-name> >>>>> <param-value>https://galaio:8543/cas/</param-value> >>>>> </init-param> >>>>> <init-param> >>>>> <param-name>tolerance</param-name> >>>>> <param-value>300000</param-value> >>>>> </init-param> >>>>> </filter> >>>>> >>>>> <filter> >>>>> <filter-name>CASHttpServletRequestWrapperFilter</filter-name> >>>>> >>>>> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> >>>>> </filter> >>>>> >>>>> <filter-mapping> >>>>> <filter-name>CASAuthenticationFilter</filter-name> >>>>> <url-pattern>/AuthenticationHandler</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> <filter-mapping> >>>>> <filter-name>CASValidationFilter</filter-name> >>>>> <url-pattern>/AuthenticationHandler</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> <filter-mapping> >>>>> <filter-name>CASHttpServletRequestWrapperFilter</filter-name> >>>>> <url-pattern>/*</url-pattern> >>>>> </filter-mapping> >>>>> >>>>> <!-- Parte que inegra o CAS [FIM] --> >>>>> >>>>> >>>>> >>>>> <!-- Servlet que implementa o funciomento dos modulos de ioc para >>>>> SSO [INICIO] --> >>>>> <servlet> >>>>> <servlet-name>AuthenticationHandler</servlet-name> >>>>> >>>>> <servlet-class>controller.sso.AuthenticationHandler</servlet-class> >>>>> </servlet> >>>>> >>>>> <servlet-mapping> >>>>> <servlet-name>AuthenticationHandler</servlet-name> >>>>> <url-pattern>/AuthenticationHandler</url-pattern> >>>>> </servlet-mapping> >>>>> <!-- Servlet que implementa o funciomento dos modulos de ioc para >>>>> SSO [FIM] --> >>>>> >>>>> <servlet> >>>>> <servlet-name>DIFTasks</servlet-name> >>>>> <servlet-class>controller.DIFTasks</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>DIFTasks</servlet-name> >>>>> <url-pattern>/DIFTasks</url-pattern> >>>>> </servlet-mapping> >>>>> <servlet> >>>>> <servlet-name>ConfigTasks</servlet-name> >>>>> <servlet-class>controller.ConfigTasks</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>ConfigTasks</servlet-name> >>>>> <url-pattern>/ConfigTasks</url-pattern> >>>>> </servlet-mapping> >>>>> <servlet> >>>>> <servlet-name>ImageLoader</servlet-name> >>>>> <servlet-class>controller.ImageLoader</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>ImageLoader</servlet-name> >>>>> <url-pattern>/ImageLoader</url-pattern> >>>>> </servlet-mapping> >>>>> <servlet> >>>>> <servlet-name>PhotoLoader</servlet-name> >>>>> <servlet-class>util.PhotoLoader</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>PhotoLoader</servlet-name> >>>>> <url-pattern>/PhotoLoader</url-pattern> >>>>> </servlet-mapping> >>>>> <servlet> >>>>> <servlet-name>BarCode</servlet-name> >>>>> <servlet-class>controller.features.barcode.BarCode</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>BarCode</servlet-name> >>>>> <url-pattern>/BarCode</url-pattern> >>>>> </servlet-mapping> >>>>> <servlet> >>>>> <servlet-name>IMSProcess</servlet-name> >>>>> >>>>> <servlet-class>tasks.sigesadmin.ems.ProcessRequestELearning</servlet-class> >>>>> </servlet> >>>>> <servlet-mapping> >>>>> <servlet-name>IMSProcess</servlet-name> >>>>> <url-pattern>/IMSProcess</url-pattern> >>>>> </servlet-mapping> >>>>> <session-config> >>>>> <session-timeout>30</session-timeout> >>>>> </session-config> >>>>> <mime-mapping> >>>>> <extension>html</extension> >>>>> <mime-type>text/html</mime-type> >>>>> </mime-mapping> >>>>> <mime-mapping> >>>>> <extension>txt</extension> >>>>> <mime-type>text/plain</mime-type> >>>>> </mime-mapping> >>>>> <welcome-file-list> >>>>> <welcome-file>index.jsp</welcome-file> >>>>> <welcome-file>index.html</welcome-file> >>>>> </welcome-file-list> >>>>> <taglib> >>>>> <taglib-uri>dif</taglib-uri> >>>>> <taglib-location>/WEB-INF/tlds/dif.tld</taglib-location> >>>>> </taglib> >>>>> >>>>> </web-app> >>>>> >>>>> >>>>> >>>>> Thanks, >>>>> Galaio >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Wed, May 26, 2010 at 2:23 PM, Marvin Addison < >>>>> [email protected]> wrote: >>>>> >>>>>> > From what i seeing now. This is because there's some problem with >>>>>> the >>>>>> > certificate. Is this the problem? >>>>>> >>>>>> Looks like it. Please see >>>>>> >>>>>> http://www.ja-sig.org/wiki/display/CASUM/SSL+Troubleshooting+and+Reference+Guide >>>>>> . >>>>>> If none of the suggested fixes for your error work, please following >>>>>> the instructions in the "When All Else Fails" section and attach the >>>>>> SSL trace to your next post. >>>>>> >>>>>> M >>>>>> >>>>>> -- >>>>>> You are currently subscribed to [email protected] as: >>>>>> [email protected] >>>>>> To unsubscribe, change settings or access archives, see >>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>>>> >>>>> >>>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> >>>> >>>> >>>> >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>>> >>> -- >>> >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> >>> >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >>> >> > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
