Logout redirect back to original service

77 views
Skip to first unread message

cheekian yap

unread,
Dec 23, 2020, 9:05:56 PM12/23/20
to CAS Community
Hi,

cas version 6.2.6

I'm able to redirect back to my own service after logout with the following properties:

cas.logout.follow-service-redirects=true
cas.logout.redirect-parameter=service
cas.logout.redirect-url=https://<cas-domain>/cas/logout?service=http\://<service-provider>

However, this is not a desired setup as I will have more service provider integrate with cas.
So instead I placed the redirect url on service registry json file:

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : ".*",
  "name" : "test",
  "id" : 1001111,
  "evaluationOrder" : 44,
  "logoutType" : "BACK_CHANNEL",
  "logoutUrl" : "https://<cas-domain>/cas/logout?service=http://<service-provider>"
}

This is not working as expected and I'm still stuck on cas logout page. What am I doing wrong here?

cheekian yap

unread,
Dec 23, 2020, 9:54:27 PM12/23/20
to CAS Community, cheekian yap
Or is there a way to dynamically assign a domain to service parameter instead of hardcode it inside application.properties so that the redirect-url work on per-service basis.

cheekian yap 在 2020年12月24日 星期四上午10:05:56 [UTC+8] 的信中寫道:

Ray Bon

unread,
Jan 4, 2021, 1:02:18 PM1/4/21
to cas-...@apereo.org
The parameters have not been updated in the logs.
Try them with camel case:
cas.logout.follow-service-redirects -> cas.logout.followServiceRedirects
etc

Ray

On Wed, 2020-12-23 at 18:05 -0800, cheekian yap wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. 
--
Ray Bon
Programmer Analyst
Development Services, University Systems

I respectfully acknowledge that my place of work is located within the ancestral, traditional and unceded territory of the Songhees, Esquimalt and WSÁNEĆ Nations.

Ray Bon

unread,
Jan 4, 2021, 1:12:46 PM1/4/21
to cas-...@apereo.org, yap.s...@gmail.com
You can set the logout url for a service to be used with SLO. By default cas will send logout requests to the log in url.
The application property is for setting a different target than the builtin cas logout page.
SLO is a complicated process for applications and users (much more so than log in). 

What is the use case for having a dynamically determined redirect url?

Ray

On Wed, 2020-12-23 at 18:54 -0800, cheekian yap wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

Reply all
Reply to author
Forward
0 new messages