Are you using the phpCAS version that supports Single Sign Out? -Scott
-Scott Battaglia PGP Public Key Id: 0x383733AA LinkedIn: http://www.linkedin.com/in/scottbattaglia On Fri, Aug 15, 2008 at 3:37 PM, Wyles, Eric <[EMAIL PROTECTED]> wrote: > I think it was probably bad timing that I originally posted this just > before the 3.3 version was released. I think everyone has been > (understandably) busy with that. > > > > If anyone has any ideas about what I'm doing wrong below, I would > appreciate the help. > > > > Thanks > > > ------------------------------ > > *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On > Behalf Of *Wyles, Eric > *Sent:* Wednesday, August 13, 2008 12:13 PM > *To:* [email protected] > *Subject:* CAS Server 3.2.1 - Single Sign Out questions... > > > > Hello, > > > > I have installed cas server 3.2.1. I am running the cas-server-webapp > application on Tomcat 5.5. The only change I have made is to enable a > FastBindLdapAuthenticator, otherwise, the cas-server-webapp is just how it > came out of the box. > > > > I'm trying to test Single Sign Out. Here is what I'm doing: > > > > I have a simple PHP page running under apache using phpCAS. That is on > https://mymachine/testcas.php. It works great for signing in. I can hit > https://mymachine/testcas.php and then I'm redirected to my CAS login page > at https://mymachine:8443/cas/login. After I enter my credentials, I'm > sent back to my PHP page and it now knows who I am. > > > > My next step was to test single sign out functionality. I don't know if I > need to configure something to support this or if I have a poor test case or > what the deal is exactly. Here are my steps: > > > > 1 – Go to https://mymachine/testcas.php > > 2 – I am redirected to https://mymachine:8443/cas/login where I enter my > credentials > > 3 – I am then redirected back to https://mymachine/testcas.php (with > ticket information) and my testcas.php uses the ticket to figure out who I > am. > > 4 – I then manually go to https://mymachine:8443/cas/logout and I see the > CAS "logout successful" message > > 5 – Then, I manually go back to https://mymachine/testcas.php and it still > considers me to be logged in. > > > > Also, I don't see anything in my apache access logs to indicate that the > CAS server posted a sign out request to my testcas.php page. > > > > Is this a good test? > > > > Is there something I need to configure to enable single sign out? > > > > I am pasting my testcas.php code below. Any advise would be appreciated. > > > > Thanks, > > Eric > > > > > > <?php > > > > include_once('CAS.php'); > > > > phpCAS::setDebug(); > > phpCAS::client(CAS_VERSION_2_0,'mymachine',8443,'cas'); > > phpCAS::setNoCasServerValidation(); > > phpCAS::forceAuthentication(); > > if (isset($_REQUEST['logout'])) { > > phpCAS::logout(); > > } > > ?> > > > > <html> > > <head> > > </head> > > <body> > > <div id="page"> > > <?php echo phpCAS::getUser(); ?> logged in. > > </div> > > </body> > > </html> > > Confidentiality Notice: This e-mail message, including any attachments, is > for the sole use of the intended recipient(s) and may contain confidential > and privileged information. Any unauthorized review, use, disclosure or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > Confidentiality Notice: This e-mail message, including any attachments, is > for the sole use of the intended recipient(s) and may contain confidential > and privileged information. Any unauthorized review, use, disclosure or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
