> Would anyone please happen to know of patched to the CAS code - either > open-source or commercial - that solve this (e.g. implementing the CAS-742 > suggestion, to distinguish between "redirect" address and "logout > notification" address)?
I developed a patch for this over a year ago, but apparently lost the source. I still have the VMs lying around where I did the QA work so maybe the source is on there. The OVA is available here: https://docs.google.com/open?id=0Bw8LSvcVZrEvWlUzTDdBX0hJbFU I had intended to provide this as a proof-of-concept for a VM-in-a-box solution for CAS, but haven't had the time to develop further. > Frankly I don't understand how CAS can be used so widely without solving such > a fundamental problem. In over a decade in IT, most of my applications were > load-balanced, and all of them had "logout". > > It simply doesn't make sense for developers to give up load balancing, or > give up "logout".... First, it's a hard problem and any solution has fundamental weaknesses. Please do some research on the many difficulties with distributed single sign-out; there are many discussions on this topic in the cas-user list archives as well as the Shibboleth user list. Second, work has clearly been done. I'd encourage you to spend some energy collaborating with our community to develop and test a solution that is suitable for general use. It's far more productive than lamenting lack of features. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
