Cheers William
Sent from my iPhone On 23 Jun 2011, at 03:09 AM, "William G. Thompson, Jr." <[email protected]> wrote: > On Wed, Jun 22, 2011 at 9:48 PM, Mr. Howard Hill <[email protected]> > wrote: >> Hello CAS Team, >> I am unable to logout of the CAS client, even if I invalidate the session >> the user is still allowed to access the page. Could the cause of this be > > Unlikely. The CAS SSO Session and the Application Session are > independent. Invalidating the application session will not terminate > the CAS SSO Session as well. Once the CAS Client validates the > Service Ticket it is pretty much out of the picture. One doesn't > "logout of the CAS client". > > Since you still have a CAS SSO Session, an attempt to access the > application will result in a new ST granted. > > If you want to kill the CAS SSO Session you have to redirect to > /cas/logout after application session validation. However a > recommended practice is to instead provide a logout screen for the > application with a link to kill the SSO Session that the user could > choose or not. See: > https://wiki.jasig.org/display/CASC/CAS+Client+for+Java+3.1 > > Best, > Bill > > >> >> 1) The error below , however I am still able to login and access other >> application in SSO >> >> Caused by: error.authentication.credentials.bad >> at >> org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException.<clinit>(BadCredentialsAuthenticationException.java:25) >> at >> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:101) >> at >> org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:41) >> at >> org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44) >> at >> org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:585) >> at >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) >> >> >> 2) Do i need to be explicit and log out success to below >> >> <bean id="logoutFilter" >> class="org.springframework.security.web.authentication.logout.LogoutFilter"> >> <constructor-arg value="https://server:8443/cas/logout"/> >> <constructor-arg> >> <list> >> <bean >> class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/> >> </list> >> </constructor-arg> >> </bean> >> >> Thanks and Best Regards, >> Mr. Howard Hill >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
