Hi!
I have a problem using RegexUriLogoutValve to achieve global logout in a
tomcat server.
I have two applications (app1 and app2) in the same tomcat protected with
org.jasig.cas.client.tomcat.v7.Cas20CasAuthenticator. Single Sign On works
perfect, but I have troubles with logout.
I have this in global context.xml
<Valve
className="org.jasig.cas.client.tomcat.v7.RegexUriLogoutValve"
logoutUriRegex="/.*/logout" redirectUrl="https://mycasserver.edu/cas/logout";
/>
When I go to http://localhost:8080/app1/logout, it seems fine but none of
my applications forget the logged user.
Inside my applications, I have
web.xml
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
And one jsp for testing
<h1>Logged user: ${pageContext.request.remoteUser}</h1>
I was expecting that after visit /app1/logout, both application forget the
CAS user. Is this correct? Or am I missing something?
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a7e1f6e3-2ef8-413b-a55b-e0657832d280%40apereo.org.
