I have six applications and I use Jasig CAS to authenticate them. Jasig CAS Single Sign On works for me very well.
On the other hand, Single Sign Off does not work for me. When I exit one of the applications, I cannot access other applications from their root domain, but I can access them using my sub-services.
An example :
APP1 = http://domain.com/app1
APP2 = http://domain.com/app2
If I exit APP1, I cannot get to http://domain.com/app2 , but I can reach <a3>
Information:
I use ProxyPass to access Jasig CAS directly.
In Apache CAS web.xml, I added:
<filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> </listener>
My applications are based on Jsp and Django.
CAS Version: 3.3.10
---- UPDATE ----
I managed to solve 4 out of 6 applications by changing the "Satisfy" parameter of the application configurations from "any" to "all".
2 out of 6 applications are deployed on Tomcat and mod_jk is used to run them on apache. When I try to log into any of these applications, I get a redirect loop error. Because
1-) Request ticket ticket generating tickets from CAS
2-) CAS provides tickets generating tickets
3-) The application resends the ticket to receive a ticket
4-) CAS redirects to the main start page of the application
5-) Return to state 1
When I look in the cas.log file, I see
FormObjectClass is not set. Using the default class org.jasig.cas.authentication.principal.UsernamePasswordCredentials with credentials formObjectName and the validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.
Mistake
Any suggestions?