On Wed, Nov 26, 2008 at 3:33 AM, Robert Oschwald <[email protected]>wrote:
> Hi folks, > > > I've implemented SingleSignOut in a cassified spring-security client > app. > > Just to ensure that I made it the right way: > the filter mapping url of > org.jasig.cas.client.session.SingleSignOutFilter is the same as the > filterProcessesUrl of the CasProcessingFilter, right? > e.g. /j_spring_cas_security_check Yes, that should be correct. > > > In the Spring Cas Client example, the mapping is just /* but I want to > narrow it down, since I explicitely define the serviceUrl for the > client app. > > > Btw: > I also implemented a CasLogoutInitiatingFilter, which leads to a real > cas singleSignOut request from within my client app. > In my example, when I access /j_spring_security_cas_logout, the user > is redirected to the cas logout page (with the "url" parameter > propperly set to allow a relogin into the app). > > This leads to a full cas login/logout roundtrip and avoids a "you are > logged out locally, press here to perform a cas single sign out" page. > > Maybe this is something of value for the spring cas client example. Our goal is that an individual application cannot force you to log out of every application (only the central server should be able to initiate that) which is why we always recommend the local logout. If your local needs are different, than I recommend your above method. The above filter may be useful as an optional filter in the JASIG CAS Client for Java. -Scott > > > > Robert > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
