Can an application remove the TGC? If your application calls https://server/cas/logout, CAS will perform a single logout for all services the user has logged into (configurable in service registry) and mark/destroy the TGT (server side part of TGC).
Ray On Fri, 2019-12-06 at 04:22 -0800, Andy Ng wrote: Hi, It is a normal behavior for sessionCount to remain the same after user logout. No need to panic :) CAS does not relies on creating and destroying an entire session for verifying whether or not user are login or not. Instead, CAS uses the cookie called TGC for SSO verification, you can use a common cookie browser for your web browser to see TGC in action (it literally named TGC in your CAS site cookie). What happen is: 1. User login, session create, TGC cookie created 2. User logout, TGC cookie destroyed 3. (If you haven't set anything, and by default) User close browser, session destroyed You can know more about TGC and CAS workflow here: https://apereo.github.io/cas/6.1.x/protocol/CAS-Protocol.html#cas-protocol I saw in some old thread in CAS 3 or CAS 4(can't remember specifically), some people suggest that removing the session after user logout will allow better performance for server. Which I didn't verified myself... However with today server being so powerful, I doubt there is a need for destroying user session after user logout, only destroying the TGC cookie is ok. See if the above info helps. Cheers! - Andy -- Ray Bon Programmer Analyst Development Services, University Systems 2507218831 | CLE 019 | [email protected]<mailto:[email protected]> I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/951698b52c597a9701d14355b564690aa385b84f.camel%40uvic.ca.
