Hi,
@Enrico: thanks for the reply.
i am trying to do the things u said.
i have a question.
whether i need to do the changes in any of the cas server files?
thanks and regards
lalitanand
On Wed, Feb 27, 2008 at 1:03 PM, Enrico Cavalli <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2008-02-27 at 12:36 +0530, lalitanand dandge wrote:
> > Hi all,
> > I have CAS (3.1) Server running, and three PHP clients those can
> > contact to CAS for authentication.
> > The Single Sign On works fine for those applications (Drupal, moodle,
> > mediawiki).
> > I have problem with the logout, I want to configure the application
> > and the CAS server for global logout, but I am unable to find
> > good documentation (user manual) to do that.
> > So can anybody help me give steps what i need to do to get it done.
> > (what configuration, which files to edit etc.)
> >
>
> For single logout the cas server will send a POST request to the PHP
> clients, cotaining the initial service ticket ST-NNN-... issued to the
> client. So the trick is
>
> 1) on session initiation: register somewhere this service ticket
> associated with the php session_id() (a session variable could do the
> job)
>
> 2) on logout parse the POST request and delete the correspoding session
>
> For instance my php clients start with these code:
>
> if ($_REQUEST['logoutRequest']) {
>
> session_write_close();
>
>
> ereg("<samlp:SessionIndex>(ST-[0-9]+-[^<]+)<\/samlp:SessionIndex>" ,
> $_REQUEST['logoutRequest'] , &$regs);
>
> ---- code to delete the session -----
>
> exit;
> }
>
> I found really useful, for other reasons too , to save all session data
> to a (postgres) db instead of files. So the code to delete the session
> is really easy in my case:
>
> $query="DELETE from php_sessions WHERE
> service_ticket='".$regs[1]."';";
>
>
> Also associating the initial service ticket to a session is something
> not complicated:
>
> if ($_REQUEST['ticket']) {
> $query = "update php_sessions set
> service_ticket='".$_REQUEST['ticket']."' where
> session_id='".session_id()."'
> ;";
>
>
>
> Hope this helps. If somehone has done this with the standard PHP session
> save handler, it would be useful to see how it can be done.
>
>
> --
> Enrico Cavalli
> CILEA - via R. Sanzio 4, 20090 - Segrate (MI), Italy
> phone: +39 02 26995.383 - fax: +39 02 2135520 - skype: enricocavalli
> PGP Fingerprint: 3762 7B1B 743E 029C 8F94 8ADE BC4B 43A7 0485 30E5
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
--
"Talk is cheap. Show me the code. Think Open, use Open Source!"
Visit & Register at http://www.ossrc.org.in
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
