stackoom
  简体   繁体   中英

CAS Single Sign Out requests being ignored by JSP+Spring

 原文  2009-08-06 14:47:16       spring/ jsp/ single-sign-on/ cas

Question

I've set up CAS for single sign on with my Spring+JSP webapp, but now I've found out that single sign out isn't actually logging me out of the applications. I've confirmed that if I go to the CAS logout page, I do receive a SAMLP logout request from CAS. When I go back to a secured page in the app, however, I get in without logging back in to CAS. If I go to the local app logout page ( /j_spring_security_logout ), then I will get logged out and immediately redirected to the CAS login page.

In a nutshell, it appears that the local app isn't registering the logout request from CAS and calling its own logout procedure.

Here's the CAS portion of my web.xml 

<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>authenticationFilter</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
    <filter-name>CAS Ticket Validation Filter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>targetBeanName</param-name>
        <param-value>ticketValidationFilter</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CAS Ticket Validation Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>

Do I need a specific CAS bean created to handle logouts in my applicationContext.xml files? Or is configured completely through the web.xml file?

1 answers

solution1
 1  2009-11-27 21:49:49

When you debug the SingleSignOutFilter does it invalidate the user session? Maybe the CAS Token is being held in it, or in the SecurityContextHolder so it doesn't ask for a new login. I have a similar issue and am sorry to not be able to fully understand SS + CAS.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Single Sign Out with Spring Security and CAS Can't make CAS Single Sign Out work with Spring Security CAS Single Sign Out ticket not valid JASIG CAS: single sign out not working Jasig-CAS single sign out with one link Javascript being ignored in my jsp file implemented in spring mvc Spring @GetMapping is being ignored Spring RowMapper is being ignored How to achieve Single Sign-Out in Keycloak/Spring based applications? Jackson annotations being ignored in Spring
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM