Seems that single loggout is not working. Are your client app configured for accepts SLO SAML request?
https://wiki.jasig.org/display/casum/single+sign+out 2014-02-05 Carlos <[email protected]>: > Hi, > > Some days ago I was been doing some tests with the ticket expiration. > > What I have found is that if you have the jsession still available you > will be able to access to your protected resource. If the jsession cookie > is deleted or expired a new jsession will be created as long as your TGT > ticket (and your TGT cookie) is valid. Our idea is to reduce to the maximun > the living time of the CAS session or jboss session. > > Do the following test to verify that the jsession cookie is not > interfering with your expiration test. > > Once you know you ticked have expired, go to the browser and remove the > jsession cookie and try now. If the ticked is really expired wou should be > redirected to the login screen. > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
