Sorry I misread your email. I'll double check the CAS server logs for sending logout requests to gateway'ed clients.
Thanks, Matt On 11/14/10 3:09 AM, "Joachim Fritschi" <[email protected]> wrote: Please have a look at the documentation [1] how to handle logout requests. Using the gateway feature _does_ work with the logout request. As far as i can tell from your code snippet you are missing the phpCAS::handleLogoutRequests(); that would handle the incoming logout request. Aside from that you can try using the phpCAS::renewAuthentication() function that will reauthenticate your phpcas session with a new ticket from the cas server. The function phpCAS::setCacheTimesForAuthRecheck(0) you are using only "works" for non authenticated users. It's used to set how often a gatewayed page will recheck for an existing CAS session for an anonymous user. Best Regards, Joachim [1] https://wiki.jasig.org/display/CASC/phpCAS+examples#phpCASexamples-HandlelogoutrequestsfromtheCASserver Am 14.11.2010 03:10, schrieb Matthew Selwood: > I meant to include the snippet of my code performing the gateway: > > //initialize the CAS library require_once('CAS.php'); $CASAUTH = array( > "version" => "2.0", "proxy" => FALSE, "server" => "abc.com", "port" => > 8444, "uri" => "/cas", "start_session" => TRUE ); > phpCAS::client($CASAUTH["version"], $CASAUTH["server"], > $CASAUTH["port"], $CASAUTH["uri"], $CASAUTH["start_session"]); // no SSL > validation for the CAS server phpCAS::setNoCasServerValidation(); > phpCAS::setCacheTimesForAuthRecheck(0); $auth = > phpCAS::checkAuthentication(); > echo "authenticated: ".$auth; echo "phpCAS user: > ".$_SESSION['phpCAS']['user']; > > I'm always getting user A in my echo statement. > > Thanks again, > Matt > > On 11/13/10 5:47 PM, "Matthew Selwood" <[email protected]> wrote: > > Hello all, > > I'm having an issue using the gateway feature with phpCAS. > > Here's my scenario: > > 1. User A logs in to CAS and then goes to website abc.com which > is gateway'ing using phpCAS. PhpCAS stores the user as 'A' in > $_SESSION['phpCAS']['user']. > 2. User A now logs out of CAS. Note: no logout request is sent to > abc.com because it was using the gateway feature. > 3. On the same computer, user B logs in to CAS and then goes to > website abc.com. > 4. Website abc.com doesn't gateway back to CAS, because it still > has the $_SESSION['phpCAS']['user'] set to 'A'. > > > PhpCAS on website abc.com thinks user B is user A. > > How do you clear the session between each phpCAS gateway? Is the > only way to get around such an issue to gateway against the CAS > server each visit to website abc.com? > > Thanks, > Matt > > > ------------------------------- > Matthew Selwood > Web and Identity Services Developer - Web Services > University of Victoria > 250.472.5565 | [email protected]_ <_mailto:[email protected]_> | CLE C006 > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ------------------------------- Matthew Selwood Web and Identity Services Developer - Web Services University of Victoria 250.472.5565 | [email protected] <mailto:[email protected]> | CLE C006 -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
