You need to copy “argumentExtractorsConfiguration.xml” to your “spring-configuration” directory and add the property to each extractor:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:p="http://www.springframework.org/schema/p"; xmlns:util="http://www.springframework.org/schema/util"; xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd";> <description> Argument Extractors are what are used to translate HTTP requests into requests of the appropriate protocol (i.e. CAS, SAML, SAML2, OpenId, etc.). By default CAS and SAML are enabled. </description> <bean id="casArgumentExtractor" class="org.jasig.cas.web.support.CasArgumentExtractor" p:httpClient-ref="httpClient" p:disableSingleSignOut="true"/> <bean id="samlArgumentExtractor" class="org.jasig.cas.web.support.SamlArgumentExtractor" p:httpClient-ref="httpClient" p:disableSingleSignOut="true" /> <util:list id="argumentExtractors"> <ref bean="casArgumentExtractor" /> <ref bean="samlArgumentExtractor" /> </util:list> </beans> Hope that helps. -Tom On 1/17/11 11:16 PM, "Moshe Ben-Shoham" <[email protected]> wrote: Hi Scott, Thanks for your reply. I opened https://issues.jasig.org/browse/CAS-937. Meanwhile, I would like to disable all single signout, as you suggest, but I don’t know how to do it. The WIKI says “Because not all clients support single sign out, you may need to disable it at the server level. Each ArgumentExtractor has a property called "disableSingleSignOut", which if set to true will make sure the callback does not occur”, but it does not tell me much. Can you please help? Thanks, Moshe. From: Scott Battaglia [mailto:[email protected]] Sent: Tuesday, January 18, 2011 4:49 AM To: [email protected] Subject: Re: [cas-user] Ticket expiration triggers logout of all services (CAS-686) - why? On Sun, Jan 16, 2011 at 4:17 AM, Moshe Ben Shoham <[email protected]> wrote: Hi, This is mainly a question to CAS developers. CAS-686 was fixed in 3.3.5. I would like to understand the motivation behind it and maybe override the behavior. 1. Why should a user be logged out of an application just because the CAS ticket expired, which is actually just because he/she did not login to another application? in the JIRA issue itself (https://issues.jasig.org/browse/CAS-686?page=com.atlassian.jira.plugin.system.issuetabpanels:changehistory-tabpanel#issue-tabs) it is mentioned that this behavior may not be appropriate to all systems, yet it was decided to implement it without an apparent way to override it. Why? The typical thinking is that if a long-lived ticket has no longer been used, there is a high likelihood the user has walked away. I can see however, how that might not be ideal for some people. 2. How can I override this behavior? I do not see it is configurable in any way. I can maybe extend TicketGrantingTicketImpl and implement expire() such that it does not invoke logOutOfServices(), but I do not see where I can configure CAS to use my implementation. Its relatively easy to disable all single log out requests. If you'd just like to disable it from the registry cleaner, open a ticket and I'll get the flag to enable/disable into CAS 3.4.6. Cheers, Scott Thanks in Advance, Moshe -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
