Hi Danny
Did you you specify a logout URL in your CAS authentication filter
configuration. If not, the logout should not happen.
Cheers
Christian
On Thu, Aug 28, 2014 at 7:50 PM, Danny Cheng <[email protected]>
wrote:
> I found the problem or maybe just working as intended. Inside
> GeoServerCasAuthenticationFilter it overrides logout() which updates the
> GeoServerLogoutFilter logout URL to point to the CAS logout URL set in
> initializeFromConfig() override.
>
>
>
> @Override
>
> public void initializeFromConfig(SecurityNamedServiceConfig config)
> throws IOException {
>
> super.initializeFromConfig(config);
>
>
>
>
>
> CasAuthenticationFilterConfig authConfig =
>
> (CasAuthenticationFilterConfig) config;
>
>
>
> validator = new
> GeoServerCas20ProxyTicketValidator(authConfig.getCasServerUrlPrefix());
>
> validator.setAcceptAnyProxy(true);
>
> validator.setProxyGrantingTicketStorage(pgtStorageFilter);
>
>
>
> validator.setRenew(authConfig.isSendRenew());
>
> if (StringUtils.hasLength(authConfig.getProxyCallbackUrlPrefix()))
>
>
> validator.setProxyCallbackUrl(GeoServerCasConstants.createProxyCallBackURl(authConfig.getProxyCallbackUrlPrefix()));
>
>
>
>
> casLogoutURL=GeoServerCasConstants.createCasURl(authConfig.getCasServerUrlPrefix(),
> GeoServerCasConstants.LOGOUT_URI);
>
> if (StringUtils.hasLength(authConfig.getUrlInCasLogoutPage()))
>
>
> casLogoutURL+="?"+GeoServerCasConstants.LOGOUT_URL_PARAM+"="+URLEncoder.encode(authConfig.getUrlInCasLogoutPage(),"utf-8");
>
>
>
> singleSignOut=authConfig.isSingleSignOut();
>
> aep = new GeoServerCasAuthenticationEntryPoint(authConfig);
>
> }
>
>
>
> @Override
>
> public void logout(HttpServletRequest request, HttpServletResponse
> response,
>
> Authentication authentication) {
>
>
> request.setAttribute(GeoServerLogoutFilter.LOGOUT_REDIRECT_ATTR,casLogoutURL);
>
> }
>
>
>
> Because of this, when I click logout from the web UI, it ends up logging
> me out of the web UI, CAS, and CAS clients.
>
>
>
> Thanks,
> Danny
>
>
>
>
>
> *From:* Danny Cheng
> *Sent:* Wednesday, August 27, 2014 2:41 PM
> *To:* [email protected]
> *Subject:* GeoServer Web UI Logout
>
>
>
> Hi Everyone:
>
>
>
> I have GeoServer integrated with CAS to authenticate WMS service requests,
> but I want to keep the web UI to authenticate using the default form
> method. I added a new CAS filter that is only applicable to my particular
> WMS ANT pattern and it is working as expected for what I want. However,
> when I click logout from the web UI, it redirects me to CAS logout page,
> but I don’t want that. This effectively signed me out of all the other CAS
> clients as well (I have single logout enabled). I was expecting to be
> redirected to the web UI login page. Am I wrong?
>
>
>
> Thanks,
>
> Danny
>
>
>
>
> ------------------------------------------------------------------------------
> Slashdot TV.
> Video for Nerds. Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Geoserver-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/geoserver-users
>
>
--
DI Christian Mueller MSc (GIS), MSc (IT-Security)
OSS Open Source Solutions GmbH
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users
