Hi Thierry, Many thanks for your help !
We use CAS as single sign-on solution. Nuxeo is used by our main application, and configured to be authenticated by cas proxy-ticket After user login CAS and trying to use nuxeo, application will generate proxy ticket and pass to nuxeo in url (e.g. http://hostname:port /nuxeo/nxpath/default/default-dom...@user_dashboard ?proxyTicket=ST-4-OcZVEP90z7H2faT4E7LW-cas&proxyKey=true&service= http://localhost:8280/nuxeo), then nuxeo know who is logging in, by the nuxeo cas2 plug-in. That's the way we use nuxeo. But now the problem is, when user logout from our main application( actually logout from CAS), nuxeo still can be access with this session, which is leading security problem. So what do think the best way to solve it ? Thanks again. On Fri, Jun 18, 2010 at 7:55 AM, Thierry Delprat <[email protected]> wrote: > Hi, > > If I remember well, you can configure Nuxeo to logout from CAS when > you use the Nuxeo Logout > See the logoutUrl parameter in the CAS2Plugin > http://doc.nuxeo.org/5.3/books/nuxeo-book/html/auth-users-groups.html > > If what you want is logout from Nuxeo when you logout from CAS server > directly, I don't know mechanism are provided by CAS server for that. > Since Nuxeo DM use HTTP Session and cookie, call to nuxeo logout url > has to be made from the client's browser ... > > If you can explain how you would like it to work, may be we can help. > > Tiry > > On 18 June 2010 01:36, Jackie Ju <[email protected]> wrote: > > Hi, > > > > My nuxeo was configured to autheticate by CAS proxy-ticket. The CAS > single > > sign-on works perfect. > > Now we need to make nuxeo auto-logout when user logout from CAS. But I > don't > > know whether CAS single sign-out solution is the right way, because nuxeo > > seems using cookie to maintain session. And does nuxeo support CAS single > > sign-out ? Or does nuxeo has some other solution to do this ? > > > > Really appreciate if anyone give help on this. > > Thank you very much ! > > > > > > > > -- > > Best Regards, > > Jackie Ju > > > > _______________________________________________ > > ECM mailing list > > [email protected] > > http://lists.nuxeo.com/mailman/listinfo/ecm > > To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm > > > > > -- Best Regards, Jackie Ju
_______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
