Are you seeing POST calls in your Apache logs to the service url? That would indicate whether CAS is sending the Single Sign Out message or not.
-Scott On Mon, Apr 7, 2008 at 3:06 PM, tedzo <[EMAIL PROTECTED]> wrote: > I renamed the subject line to better describe the question. > > I looked through a document pointed to by another poster (Adam)- > http://www.ja-sig.org/wiki/display/CASUM/Single+Sign+Out. This document > talks about "a callback to each of the services that are registered..." > Where/How do I register? As of now I have- > 1. Added the SingleSignOut filter to the web.xml of each webapp (before > the other 3 filters- Authentication, Validation, Wrapper). > 2. Added the HttpSessionListener to each webapp's web.xml (before all the > filters are defined). > 3. I redirect the user to https://<server>:8443/cas/logout during logout. > > Do I need to register for the callback explicitly? I am not sure even if > the SignOutFilter is being invoked because if I don't call > session.invalidate() before redirecting to /cas/logout, the session > continues to be valid. I am missing something here. What is it? > > Thanks for your time. > > ----- Original Message ---- > From: tedzo <[EMAIL PROTECTED]> > To: Yale CAS mailing list <[email protected]> > Sent: Sunday, April 6, 2008 10:48:31 PM > Subject: Re: How to get the username (netID)? > > Ok, so I am looking at the SingleSignOutFilter and > SingleSignOutHttpSessionListener and these are per webapp (i.e, defined in > every webapp's web.xml). Also, the code indicates that the filter > invalidates the session in the webapp where the user attempted to logout. > So, I am not sure I understand how this can cause the same user's sessions > in other webapps to also be destroyed. In short, how can this work? > > I am guessing I don't understand how a HttpSessionListener works... > > Thanks. > > ----- Original Message ---- > From: tedzo <[EMAIL PROTECTED]> > To: Yale CAS mailing list <[email protected]> > Sent: Sunday, April 6, 2008 9:53:37 PM > Subject: Re: How to get the username (netID)? > > Scott, > Thank you for your response. > > Actually, it turned out that I needed to include the other filters too > (not just the authentication filter, unlike the Yale Client I was used to). > After I included the ValidationFilter, it worked just fine. > > I have now included the SingleZSignoutFilter and the SessionListener in > order to get SingleSignout working and its not? I added the filter and > listener to web.xml of 2 webapps. I invalidate the session and redirect to > /cas/logout when the user chooses to logout in one of the webapps. The > logout page displays. I assumed at this point that I would be logged out of > the other webapp too. Thats not hapenning. What am I missing? (I admit, I > haven't yet searched the archives for mails detailing similar problems...) > > Thanks for your time. > > Av. > > ----- Original Message ---- > From: Scott Battaglia <[EMAIL PROTECTED]> > To: Yale CAS mailing list <[email protected]> > Sent: Sunday, April 6, 2008 6:27:01 PM > Subject: Re: How to get the username (netID)? > > Hi, > > What order are your filters in? Our wiki page (which I think you were > looking at) shows the order they should appear in. If they're in that > order, they should work. At least we haven't noticed any problems so far > :-) > > -Scott > > On Sat, Apr 5, 2008 at 2:01 PM, tedzo <[EMAIL PROTECTED]> wrote: > > > Thank you Calcutta for your response. > > > > After reading the document a bit more I too realized that I would need > > the HttpServletRequestWrapper. So, I added that. However I am hitting a > > weird NullPointerException when I try to get the RemoteUser- Apparantly, > > getUserPrincipal() is null within HttpServletRequestWrapperFilter. > > > > I am not sure what the cause of that would be. Is there an issue with > > the SSL certificate or something? I was successfully using server 3.06 and > > Yale client 2.1.1 on this machine and I replaced both with newer versions > > (3.1.2 and 3.1.1 client). So, I assumed everything should just start > > working... > > > > Exception Status Code : 500 > > Resource : /DXX/login.jsp > > Error : org.apache.jasper.JasperException: An exception occurred > > processing JSP > > page /login.jsp at line 85 > > > > 82: System.out.println("2222*****************"); > > 83: String ticket = request.getParameter("ticket"); > > 84: System.out.println("3333*****************"); > > 85: String user = request.getRemoteUser(); > > 86: System.out.println("4444*****************"); > > 87: int ec = -1; > > 88: > > > > > > Stacktrace: > > > > org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper > > .java:524) > > > > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:435) > > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320) > > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > root cause: [java.lang.NullPointerException] :: null > > > > org.jasig.cas.client.util.HttpServletRequestWrapperFilter$CasHttpServletRequestW > > rapper.getRemoteUser(HttpServletRequestWrapperFilter.java:80) > > org.apache.jsp.login_jsp._jspService(login_jsp.java:1098) > > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > > > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393) > > > > GET Query : > > rdir=%2FDXX%2Fmain.jsp%3Bjsessionid%3D10FA876D949F2C47D450E6055A2DB8 > > > > 79%3Fticket%3DST-1-bL1W1fQcus4ak3PDc9wi&error=7&ticket=ST-2-c5icFZJZe0LMbAaOATNc > > > > > > 2008-04-05 10:42:38,428 DEBUG [http-8080-2] > > authentication.AuthenticationFilter: > > 81 - no ticket and no assertion found > > 2008-04-05 10:42:38,428 DEBUG [http-8080-2] util.CommonUtils :195 - > > serviceU > > rl generated: > > http://ani.dxx.com:8080/DXX/login.jsp?rdir=%2FDXX%2FW<http://ani.dxx.com:8080/DMM/login.jsp?rdir=%2FDMM%2FW> > > > > EB-INF%2Fapplication%2Ferror%2Fexception.jsp%3Frdir%3D%252FDXX%252Fmain.jsp%253B > > > > jsessionid%253D10FA876D949F2C47D450E6055A2DB879%253Fticket%253DST-1-bL1W1fQcus4a > > > > Thank you for your time. > > > > > > ----- Original Message ---- > > From: Oh Calcutta <[EMAIL PROTECTED]> > > To: Yale CAS mailing list <[email protected]> > > Sent: Friday, April 4, 2008 11:42:35 PM > > Subject: Re: How to get the username (netID)? > > > > > > - If you enable HttpServletRequestWrapper filter, then you can do a > > simple request.getRemoteUser() to get the NetId. > > > > > > tedzo wrote: > > > > Some progress in my quest to use JA-SIG client 3.1.1 and eventually the > > SingleSignOutFilter... > > I am trying to get a hold of the username (netId) but have been unable > > to. It seems that I should be able to get to it using > > session.getAttribute("_const_cas_assertion_") from my jsp. But that doesn't > > seem to work. > > > > What am I missing? > > > > Thanks. > > > > > > ----- Original Message ---- > > From: tedzo <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> > > To: Yale CAS mailing list <[email protected]> <[email protected]> > > Sent: Friday, April 4, 2008 10:48:29 PM > > Subject: Re: Which version of cas to use for SingleSignOut feature? > > > > Ok, I found > > > > http://www.ja-sig.org/wiki/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+in+the+web.xml > > > > That document describes 6 different filters (AuthenticationFilter, > > HttpServletRequestWrapper and so on). I am not sure if I need to configure > > all the filters or can I get away with just the AuthenticationFilter? In the > > Yale version I configured just the one filter (CASFilter) for > > authentication. > > > > Any pointers? > > > > Thanks. > > > > ----- Original Message ---- > > From: tedzo <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> > > To: Yale CAS mailing list <[email protected]> <[email protected]> > > Sent: Friday, April 4, 2008 10:22:55 PM > > Subject: Re: Which version of cas to use for SingleSignOut feature? > > > > That will be a problem :( I guess I will have to move to the newer > > versions. > > > > Is using JA-SIG Java client similar to using the Yale Client? I was > > looking for a tutorial of some sort that explains configuring/using the > > JA-SIG Java Client and didn't find any. This doesn't seem to work > > http://www.ja-sig.org/products/cas/client/client-java/index.html. > > > > I am seeing references to cas-client.properites etc and I am not sure > > how to proceed. > > For the Yale Java client, I just added the filter info in web.xml and I > > was off and running.... > > > > Your help is appreciated. > > > > Thanks. > > > > ----- Original Message ---- > > From: Adam Rybicki <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> > > To: Yale CAS mailing list <[email protected]> <[email protected]> > > Sent: Friday, April 4, 2008 4:38:01 PM > > Subject: Re: Which version of cas to use for SingleSignOut feature? > > > > Hi, > > > > The versions you are using do not support SSOut. You need CAS Server > > 3.1.1 or 3.1.2 if you must use a "release" version or 3.2.1-RC1 if you are > > OK with using a "release candidate" version. > > > > Yale CAS client does not support SSOut, but perhaps someone will > > contribute it. The JA-SIG CAS Client version 3.1.1 supports SSOut, and > > that's the latest version available. > > > > The earliest versions that should correctly support SSOut are 3.1.1 for > > CAS Server and 3.1 for JA-SIG CAS Client. > > > > Adam > > > > tedzo wrote: > > > > Hello all, > > I am trying to find out which versions of cas server and cas java client > > I need to use in order to be able to use the SingleSignOut feature. I > > currently have cas server 3.0.6 and Yale client 2.1.1. > > > > - Does it matter which version of client I use? > > - What are the earliest versions that support the said feature? > > > > Thanks. > > > > ------------------------------ > > You rock. That's why Blockbuster's offering you one month of Blockbuster > > Total > > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > > No Cost. > > > > ------------------------------ > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > ------------------------------ > > You rock. That's why Blockbuster's offering you one month of Blockbuster > > Total > > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > > No Cost. > > > > > > ------------------------------ > > You rock. That's why Blockbuster's offering you one month of Blockbuster > > Total > > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > > No Cost. > > > > > > ------------------------------ > > You rock. That's why Blockbuster's offering you one month of Blockbuster > > Total > > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > > No Cost. > > > > ------------------------------ > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > > > > ------------------------------ > > You rock. That's why Blockbuster's offering you one month of Blockbuster > > Total > > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > > No Cost. > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > > -- > -Scott Battaglia > PGP Public Key Id: 0x383733AA > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > ------------------------------ > You rock. That's why Blockbuster's offering you one month of Blockbuster > Total > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > No Cost. > > > ------------------------------ > You rock. That's why Blockbuster's offering you one month of Blockbuster > Total > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > No Cost. > > > ------------------------------ > You rock. That's why Blockbuster's offering you one month of Blockbuster > Total > Access<http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, > No Cost. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > -- -Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
