Good day CAS users, I hope this message finds you all well.
Please advise me if this is not the correct forum to present a question like this (and accept my apologies). We are trying to setup CAS Single Sign OUT for several applications (and flat file websites) using Apache 2.2 with mod_auth_cas 1.0.10. CAS server version is 3.5. I've searched for a few days an cannot find a consistent description of this configuration and/or working example. Despite all of our efforts (I will outline below), calling the CAS logout URL does prevent login to new CAS protected services BUT mod_auth_cas services are still accessible until the browser window is closed (it appears that MOD_AUTH_CAS session cookie persists after logout). I suspect we are missing something easy but I've had no luck tracking it down. We have tried: * Setting CASSSOEnabled On in mod_auth_cas config * Using https vs http (with valid, signed certificates) on the services using mod_auth_cas * Confirmed that the CAS server can access the webserver running mod_auth_cas on port 443 * Using CAS v1 and CAS v2 I appreciate any guidance and assistance you are able to provide. Thank you in advance for your time and expertise. Neil Sabol Technical Support Analyst The University of New Mexico Information Technologies MSC02 1520 1 University of New Mexico Albuquerque, NM 87131 [email protected]<mailto:[email protected]> -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
