No, CAS doesn't ship with that feature, at least not surfaced in a handy Web-based UI.
You might be able to instrument the ticket registry using JMX and edit it live from a JMX console. If your registry implementation is database-backed, you might be able to edit the database live, though backdooring into data sources accessed via JPA has some complexity to it. This is a step in the direction of reporting on live sessions. One could imagine enhancing this modestly to provide a UI that exercises a REST call to zap unwanted single sign-on sessions. https://github.com/Unicon/cas-addons/wiki/Active-SSO-Sessions-Report Sounds like a good feature idea to me. Kind regards, Andrew On Wed, May 29, 2013 at 1:34 PM, Tom Poage <[email protected]> wrote: > Hello, > > Is there a way in CAS to administratively invalidate/destroy a TGT(s) for > a given principal? > > Thinking of a case with a compromised account and system policy of > relatively long-lived TGTs (multiple hours). > > Thanks! > Tom. > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
