Understood. Still, it should be allowed for an application to request CAS to
invalidate the issued ticket, and configure CAS so that this destroys the
user's sign-on session? 

 

Thanks!

Peter

 

From: Scott Battaglia [mailto:[email protected]] 
Sent: Tuesday, January 15, 2013 9:15 AM
To: [email protected]
Subject: Re: [cas-user] Single sign out without redirection

 

By design, your applications have no access to the user's single sign on
session.  The session is only between CAS and the user (using HTTP/cookies
as the transfer mechanism).  The one downside to that is the browser does
always need to be involved.

 

 

On Tue, Jan 15, 2013 at 10:03 AM, Peter Zeltins <[email protected]>
wrote:

Good to know! Thanks! 

 

I understand there really is no way to do it on the server? I have to rely
on user's browser to navigate to CAS logout?

 

From: Scott Battaglia [mailto:[email protected]] 
Sent: Monday, January 14, 2013 8:30 PM
To: [email protected]
Subject: Re: [cas-user] Single sign out without redirection

 

Assuming your application's URL is white-listed in the Services Management
tool, and you enable the "service redirect" flag on the logout controller,
you can do /cas/logout?service=http://my.url.com/to/redirect/to and it will
redirect back after it does the log out.

 

On Mon, Jan 14, 2013 at 3:16 PM, Peter <[email protected]> wrote:

Is there any way to terminate CAS session without redirecting user to
cas/logout page? I was thinking something like a REST request. The reason is
that I would like user to stay on my application's logout page instead of
generic CAS logout. Also, I find it difficult to securely redirect the user
to cas/logout when his local session expires (or is administratively
terminated). 

 

Thanks!

Peter

 


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

-- 
You are currently subscribed to [email protected] as:
[email protected]


 
 
 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user

 

-- 
You are currently subscribed to [email protected] as:
[email protected]
 
 

To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
-- 
You are currently subscribed to [email protected] as:
[email protected]


 
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user

 

-- 
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to