> I want to destroy the session (session.invalidate()), clean all the tickets > that I created (TGTs, PGTs, STs, PTs) and go back to the login page.
You don't use the SingleSignOut filter to do this. That filter is to cause all the _other_ applications a user accessed during a single sign out session to be ended when the CAS session ends. The scope of the SingleSignOutFilter should be the same as your AuthenticationFilter. For your case, create a logout.jsp and call session.invalidate() then issue a redirect to https://your.cas.edu/cas/logout. There's no way to get back to the login page of either CAS or your webapp by default. You could modify the logout view of CAS to simply issue a redirect instead of rendering a view. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
