> The logout was succesful, and the session was invalidated, but I still in > the same page.
When you hit /cas/logout, you see the "Successfully logged out" page of CAS. That's the correct behavior by design, which we feel is generally acceptable. If you need something else, you can alter the logout JSP to issue a redirect somewhere else. > The second scenario that I tried was accesing webapp1 through a succesful > login, and then, access webapp2 through a proxy ticket generated in webapp1. > After that, I did a logout in webapp1, and it didn't send a logout request > to webapp2. The single sign out doesn't work for applications that I accesed > through a proxy ticket? I've never tried that flow, but I'd expect any accessed service to be recorded and therefore a target of a logout message. Can you post logs from webapp2 and from the CAS server with logging turned up enough to show it issuing the logout requests? > And a general doubt. The single sign out applies to all the applications > that I entered that share the same TGT, is it right? Correct. > I tried to open two IE > (I'm a not a fan of it!!!), and it didn't send the logout request to the > second webapp. You'd have to confirm whether both windows share state, e.g. have the same TGT stored in the TGC cookie. Modern browsers are getting fairly complicated in this area and I personally can't keep up with which one does what. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
