Hi,
Here is CAS part of web.xml
<!-- Single Signout -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost:8443/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>https://localhost:8443/app2/docs/receptor
</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/docs/receptor</param-value>
</init-param>
<init-param> <!-- This will generate Cas20ProxyTicketValidator
instead of CAs20ServiceTicketValidator-->
<param-name>acceptAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- ************************* -->
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/docs/receptor</url-pattern>
</filter-mapping>
<!-- Wraps HttpRequest for getRemoteUSer() to work -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
On Tue, Jan 13, 2009 at 5:23 AM, Andrew Feller <[email protected]> wrote:
> We use the JA-SIG CAS client without Spring security and we haven't had
> any issues with the SSOut. Can you copy the web.xml from an application of
> yours that isn't handling SSOut correctly?
>
>
>
> On 1/12/09 5:40 PM, "Leena Borle" <[email protected]> wrote:
>
> Hi,
> In my case, it only invalidates the session of the application which
> initiated the /cas/logout. Other applications still keeps the same session.
> Difference between these applications is only that the mail application that
> calls logout has implemented CAS with Spring security and others have it in
> configured in web.xml (CAS-client 3.1.3)
> I'm wondering if anything is missing in my configurarion. CAS
> documentation says SSO requires just addition of SSO filter in web.xml.
> Leena
>
> On Mon, Jan 12, 2009 at 1:27 PM, Andrew Feller <[email protected]> wrote:
>
> Leena,
>
> No. When the user goes to the CAS server to logout, the CAS server will
> notify all the applications that requested service tickets and invalidate
> the user's sessions.
>
> A-
>
>
>
> On 1/12/09 2:53 PM, "Leena Borle" <[email protected]> wrote:
>
> Hello,
> I have added SSO filter in all web.xml of my application. I want to
> initiate sign-out from only one application. Do I need to invalidate
> sessions in other applications individually before calling /cas/logout?
> Leena
>
> ------------------------------
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
> --
> Andrew Feller, Analyst
> LSU University Information Services
> 200 Frey Computing Services Center
> Baton Rouge, LA 70803
> Office: 225.578.3737
> Fax: 225.578.6400
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
