Ok, that makes sense. Thanks for explaining that, Scott.
Eric Stein From: Scott Battaglia [mailto:[email protected]] Sent: Friday, December 28, 2012 12:23 AM To: [email protected] Subject: Re: [cas-user] CAS 3.5.1: Having trouble with Sign-Out That message gets written out (at trace level) whenever a URI does not have the logout request or an authentication token (so basically every page besides the logout request and the initial redirect back from CAS). On Wed, Dec 26, 2012 at 5:24 PM, Stein, Eric <[email protected]> wrote: I've got Tomcat 7.0.25 running with CAS 3.5.1 and a trivial java webapp with one JSP. I added a link from the page to /cas/logout. When I follow the link, CAS tells me I've logged out successfully, but I can navigate back to the page without needing to authenticate again. It looks like tickets are still being granted. I'm also seeing this line in my client webapp: 17:10:01.946 [http-bio-8080-exec-12] TRACE o.j.c.c.session.SingleSignOutFilter - Ignoring URI /hello-world/ Does anyone have any thoughts on what I might be doing wrong? Is there any documentation on sign out/single sign out that I'm missing? Thanks, Eric Stein -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
