Understood. Still, it should be allowed for an application to request CAS to invalidate the issued ticket, and configure CAS so that this destroys the user's sign-on session?
Thanks! Peter From: Scott Battaglia [mailto:[email protected]] Sent: Tuesday, January 15, 2013 9:15 AM To: [email protected] Subject: Re: [cas-user] Single sign out without redirection By design, your applications have no access to the user's single sign on session. The session is only between CAS and the user (using HTTP/cookies as the transfer mechanism). The one downside to that is the browser does always need to be involved. On Tue, Jan 15, 2013 at 10:03 AM, Peter Zeltins <[email protected]> wrote: Good to know! Thanks! I understand there really is no way to do it on the server? I have to rely on user's browser to navigate to CAS logout? From: Scott Battaglia [mailto:[email protected]] Sent: Monday, January 14, 2013 8:30 PM To: [email protected] Subject: Re: [cas-user] Single sign out without redirection Assuming your application's URL is white-listed in the Services Management tool, and you enable the "service redirect" flag on the logout controller, you can do /cas/logout?service=http://my.url.com/to/redirect/to and it will redirect back after it does the log out. On Mon, Jan 14, 2013 at 3:16 PM, Peter <[email protected]> wrote: Is there any way to terminate CAS session without redirecting user to cas/logout page? I was thinking something like a REST request. The reason is that I would like user to stay on my application's logout page instead of generic CAS logout. Also, I find it difficult to securely redirect the user to cas/logout when his local session expires (or is administratively terminated). Thanks! Peter -- This message has been scanned for viruses and dangerous content by <http://www.mailscanner.info/> MailScanner, and is believed to be clean. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
