Hi Eric, I confirm that I am also facing the same issue. It looks like that when we log out it does not destroy the cookie/session under the browser though it is destroyed on CAS. I can access the resource without authenticating again on the same browser window. Or in case I close the browser and access again only then I am asked to provide credentials.
I am sorry I have no solution to offer but it is happening with us too. Kind regards, Farzan On 28/12/2012 11:31 AM, "Stein, Eric" <[email protected]> wrote: > Thanks for helping, Gil!**** > > ** ** > > Okay, I switched to SAML. I needed to do that anyway, so I'm glad to get > that out of the way. Unfortunately, I'm still seeing the issue. I'm using > Firefox 17.0.1. I log in to my hello-world webapp successfully. I included > this link in index.jsp:**** > > ** ** > > <a href="/authentication/logout" > onClick="session.invalidate()">Log out</a> **** > > ** ** > > When I click on the link, it takes me to the cas logoff screen and says I > have been logged out. However, when I return to /hello-world, I see the JSP > without needing to reauthenticate. I've attached the most recent version of > my web.xml file. If anybody has any thoughts, I'd really appreciate it.*** > * > > ** ** > > Thanks,**** > > Eric Stein**** > > ** ** > > *From:* Gil Victor Teixeira Pinto [mailto:[email protected]] > *Sent:* Thursday, December 27, 2012 2:04 PM > *To:* [email protected] > *Cc:* [email protected]; [email protected]; Stein, Eric > *Subject:* Re: [cas-user] CAS 3.5.1: Having trouble with Sign-Out**** > > ** ** > > Hi, > > The only difference that i have in my web.xml is the SAML: > > <!-- SSOut https://wiki.jasig.org/display/CASC/Configuring+Single+Sign+Out--> > <filter> > <filter-name>CAS Single Sign Out Filter</filter-name> > > <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> > <init-param> > <param-name>artifactParameterName</param-name> > <param-value>SAMLart</param-value> > </init-param> > </filter> > > > I've also SAML at: > > > <!-- CAS --> > <filter> > <filter-name>CAS Authentication Filter</filter-name> > <filter-class>org.jasig.cas.client.authentication.* > Saml11AuthenticationFilter*</filter-class> > <!-- > > <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> > --> > <init-param> > <param-name>casServerLoginUrl</param-name> > <param-value>https://server:8443/cas/login</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://server:8080</param-value> > </init-param> > </filter> > > <filter> > <filter-name>CAS Validation Filter</filter-name> > <filter-class>org.jasig.cas.client.validation.* > Saml11TicketValidationFilter*</filter-class> > <!-- > > <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> > --> > <init-param> > <param-name>casServerUrlPrefix</param-name> > <param-value>https://server:8443/cas</param-value> > </init-param> > <init-param> > <param-name>serverName</param-name> > <param-value>http://server:8080</param-value> > </init-param> > <init-param> > <param-name>redirectAfterValidation</param-name> > <param-value>true</param-value> > </init-param> > <init-param> > <param-name>useSession</param-name> > <param-value>true</param-value> > </init-param> > </filter> > > > > On Wednesday, December 26, 2012 8:24:41 PM UTC-2, Stein, Eric wrote:**** > > I've got Tomcat 7.0.25 running with CAS 3.5.1 and a trivial java webapp > with one JSP. I added a link from the page to /cas/logout. When I follow > the link, CAS tells me I've logged out successfully, but I can navigate > back to the page without needing to authenticate again. It looks like > tickets are still being granted. I'm also seeing this line in my client > webapp: > > 17:10:01.946 [http-bio-8080-exec-12] TRACE > o.j.c.c.session.SingleSignOutFilter - Ignoring URI /hello-world/ > > Does anyone have any thoughts on what I might be doing wrong? Is there > any documentation on sign out/single sign out that I'm missing? > > Thanks, > Eric Stein > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user**** > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager ( [email protected]). Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. Rosmini Collegeaccepts no liability for any damage caused by any virus transmitted by this email. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
