stackoom
  简体   繁体   中英

CAS single sign out not working

 原文  2013-07-24 14:39:20       java/ java-ee/ single-sign-on/ servlet-filters/ cas

Question

I have installed a CAS server (v3.5.2) on Apache Tomcat and 2 clients on JBOSS. Everything works fine unless single sign out.

I think all I made is fine but there is still this problem.

My configuration server-side : In WEB-INF\\deployerConfigContext.xml : 

<bean class="org.jasig.cas.services.RegexRegisteredService">
    <property name="id" value="1" />
    <property name="name" value="HTTP and IMAP on localhost:8080/firstCasClient" />
    <property name="description" value="Allows HTTP(S) and IMAP(S) protocols on localhost:8080/firstCasClient" />
    <property name="serviceId" value="^(https?|imaps?)://([A-Za-z0-9_-]+\.)*localhost:8080/firstCasClient/*" />
    <property name="ssoEnabled" value="true" />
    <property name="enabled" value="true" />
    <property name="evaluationOrder" value="0" />
</bean>

<bean class="org.jasig.cas.services.RegexRegisteredService">
    <property name="id" value="2" />
    <property name="name" value="HTTP and IMAP on localhost:8080/secondCasClient" />
    <property name="description" value="Allows HTTP(S) and IMAP(S) protocols on localhost:8080/secondCasClient" />
    <property name="serviceId" value="^(https?|imaps?)://([A-Za-z0-9_-]+\.)*localhost:8080/secondCasClient/*" />
    <property name="ssoEnabled" value="true" />
    <property name="enabled" value="true" />
    <property name="evaluationOrder" value="1" />
</bean>

Configuration in clients : In web.xml : 

<!-- CAS SINGLE SIGN OUT -->
<filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    <init-param>
    <!-- because of use of Saml11TicketValidationFilter -->
        <param-name>artifactParameterName</param-name>
        <param-value>SAMLart</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

<!-- other filters -->
<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>http://localhost:8888/cas-server-webapp-3.5.2/login</param-value>
    </init-param>
    <init-param>
        <param-name>service</param-name>
        <param-value>http://localhost:8080/firstCasClient</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS Validation Filter</filter-name>
    <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>http://localhost:8888/cas-server-webapp-3.5.2</param-value>
    </init-param>
    <init-param>
        <param-name>service</param-name>
        <param-value>http://localhost:8080/firstCasClient</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
</filter-mapping>

I hope someone would find what is wrong thanks anyway

1 answers

solution1
 1  2013-07-30 15:31:02

Make sure in your argumentExtractorsConfiguration.xml file that the casArgumentExtractor bean has the disableSingleSignOut property set to false. If you see the following: 

<bean id="casArgumentExtractor"
      class="org.jasig.cas.web.support.CasArgumentExtractor"
      p:httpClient-ref="noRedirectHttpClient"  
      p:disableSingleSignOut="${slo.callbacks.disabled:false}" />

Take a look in your cas.properties and make sure slo.callbacks.disabled is not set to true. the ${slo.callbacks.disabled:false} means look for that property, and if it is not found default it to false.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question CAS Single Sign Out ticket not valid Can't make CAS Single Sign Out work with Spring Security CAS Server Single Sign Out using Java Servlet Single Sign On with CAS server in JAVA CAS Single Signout not working CAS Single logout not working CAS Single LogOut(SLO) not working - CAS 4.2.3 Single Sign on Not working on Jboss OpenAM Fedlet Single Sign Out How to implement Single Sign Out with WAAD in Java?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM