>From the readme it says "* CAS single sign out is currently not functional and disabled. It
is only safe to use in the case where all requests are GET and not POST (the module inadvertently 'eats' some content of the POST request while determining if it should process it as a SAML logout request)." I have not run tests to see if that's the case. CAS logout clears ST related cookies that were set for your application context. mod_auth_cas again sets its own cookie. Current version of mod_ath_cas does not support SLO and I think it's in the list of things to include in the future releases. We have got a similar setup with CAS running on a tomcat and mod_auth_cas protecting a number of apps. CAS logout call does not clear cookies set by mod_auth_cas. We took the option of clearing the cookie via javascript on the client. This is not the best practice but helped us work around the issue I will be keen to find out if there is any other way to achieve this. Cheers From: Radhakrishnan Jay [mailto:[email protected]] Sent: Friday, 10 December 2010 2:05 AM To: [email protected] Subject: [cas-user] Single signout Hi Everyone, I was trying to configure single signout. >From the readme it says "* CAS single sign out is currently not functional and disabled. It is only safe to use in the case where all requests are GET and not POST (the module inadvertently 'eats' some content of the POST request while determining if it should process it as a SAML logout request). " I thought, I will take a risk and see whatz happening. This is my environment. I had casified the the apache server running Bugzilla. Now, I want to implement , when someone logout of main application, it should logout from Bugzilla as well. What is happening now is, the session cookie mod_auth _cas is still present. Could Phil, or some one give me some pointers. Regards Jay -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
