Please disregard the previous email. I built the wrong version of CAS, sorry for the mistake.
Bryan Wooten [email protected] Work: 801.585.9323 Cell: 801.414.3593 -----Original Message----- From: Bryan Wooten [mailto:[email protected]] Sent: Tuesday, July 06, 2010 9:22 AM To: [email protected] Subject: RE: [cas-user] Still no luck logging out Ok, I got log4j working and I see this in cas.log: 2010-07-06 08:44:26,568 DEBUG [org.jasig.cas.authentication.principal.SamlService] - Sending logout request for: https://guide.acs.utah.edu:9932/uofu/stu/GraduateTracking However, I still don't see the post in my access log file. So I modified the code in AbstractWebApplicationService.java: public synchronized boolean logOutOfService(final String sessionIdentifier) { if (this.loggedOutAlready) { return true; } LOG.debug("Sending logout request for: " + getId()); final String logoutRequest = "<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"" + GENERATOR.getNewTicketId("LR") + "\" Version=\"2.0\" IssueInstant=\"" + SamlUtils.getCurrentDateAndTime() + "\"><saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">@NOT_USED@</saml:NameID><samlp:SessionIndex>" + sessionIdentifier + "</samlp:SessionIndex></samlp:LogoutRequest>"; this.loggedOutAlready = true; if (this.httpClient != null) { // I added this debug statement: LOG.debug("ACTUALLY Sending logout request for: " + getId()); return this.httpClient.sendMessageToEndPoint(getOriginalUrl(), logoutRequest); } My debug statement does not get printed out. Therefore this.httpClient is null. Any ideas? Thanks, Bryan Wooten [email protected] Work: 801.585.9323 Cell: 801.414.3593 -----Original Message----- From: Marvin Addison [mailto:[email protected]] Sent: Tuesday, July 06, 2010 8:02 AM To: [email protected] Subject: Re: [cas-user] Still no luck logging out > I am seeing very little in my cas.log file. (Like almost nothing). Here is my > log4j settings: If Glassfish is like JBoss, logging is best configured in the container instead of in the application. I can assure you that if you put flow in DEBUG, you should see all the data posted to the server in the login form including password. Your failure to see this seems to confirm that logging should be configured elsewhere in Glassfish. Again, I encourage you to review your container http access logs, wherever they are written. In some cases you have to explicitly enable logging of http requests, but there should be documentation somewhere out there describing how to do this in Glassfish. Reviewing access logs will confirm whether the CAS logout request is even making it to your host. Again, the most common problems for single sign out are SSL issues, firewalling, and network routing problems. You can rule out the last two by careful review of the access logs. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
