Thank you, Marvin. --- On Sat, 2012/9/1, Marvin Addison <[email protected]> wrote:
On Fri, Aug 31, 2012 at 4:31 AM, <[email protected]> wrote: > > I read that when I issue /logout command, it destroys the TGC that has > been stored by the CAS server upon establishment of a SSO session. I assume > the TGC is stored on the client side. But I also see that in CAS server > logs, "something" is happening.. basically ticket TGT-XXX.. is being > removed. > > I am trying to explore a possibility where only removing local TGC would > log me out from an SSO regime. Destroying the session cookie will effective log you out of CAS. > But I don't know what happens that server > side TGT-XXX? Would the ticket registry just grow and grow for each new SSO > session? Yes, until the orphaned ticket is purged either by cache expiration (cached-based ticket registries) or periodic ticket registry cleaning (driven by Quartz scheduled task.) > how would the remote CAS server know if a user has deleted his or her TGC on > the client side? Not possible. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
