Since you are invalidating the user's CASTGC, why not simply redirect them to the CAS server's logout service? It is essentially the same thing.
HTH, A- Andrew R Feller, Analyst University Information Systems 200 Fred Frey Building Louisiana State University <http://www.lsu.edu/> Baton Rouge, LA, 70803 (225) 578-3737 (Office) (225) 578-6400 (Fax) ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Rybicki Sent: Wednesday, March 19, 2008 3:01 PM To: Yale CAS mailing list Subject: How to invalidate a TGT in CAS 3.1.2? I have a filter that sits "in front of" CAS. The purpose of this filter isn't important, but in certain conditions it needs to invalidate a TGT. The filter does not have access to the CASTGC cookie,but it does have the TGT ID. I can use (and have proven that it works) TicketRegistry to get me a TicketGrantingTicket, but that has no obvious invalidate() method. I don't think that expire() and deleteTicket() is the way to go. Should I instead get CentralAuthenticationService and call its destroyTicketGrantingTicket() method? I think that this would probably work, but is it the "right way" to do it? Thanks, Adam
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
