Logging out from CAS logs me out from Google, too
180 views
Skip to first unread message
Paul Roemer
Aug 24, 2020, 4:26:30 AM8/24/20
to CAS Community
Hey guys,
we noticed some new behavior with delegated SSO authentication. When I login with my Google SSO account at our CAS and logout again, I am not only logged out from CAS but also from my Google account. This also happens with delegated GitHub SSO.
We are using CAS 6.2.1 but I am unsure when we noticed this behavior the first time.
Anyone else noticed it? Is there some configuration option to disable it?
Cheers,
Cheers,
Paul
dyte gyte
Aug 24, 2020, 4:46:22 AM8/24/20
to cas-...@apereo.org
Hello,
afaik, there are 2 logout type: single logout and single sign-on. the default behavior is single logout which means that if you logout current app, you also logout all applications that cas is connected. this is the situation you are facing. but you need single sign on as i understand. basically, turn off this .(https://apereo.github.io/cas/6.2.x/installation/Logout-Single-Signout.html#turning-off-single-logout)
Paul Roemer <pa...@vaadin.com>, 24 Ağu 2020 Pzt, 11:26 tarihinde şunu yazdı:
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/711682f7-6b0e-4872-9be3-f55426e1913fo%40apereo.org.
dyte gyte
Aug 24, 2020, 4:47:14 AM8/24/20
to cas-...@apereo.org
edit: single sign on out
dyte gyte <ytete...@gmail.com>, 24 Ağu 2020 Pzt, 11:46 tarihinde şunu yazdı:
Paul Roemer
Aug 24, 2020, 12:24:19 PM8/24/20
to CAS Community, denizg
Hey denizg,
first thanks for you suggestion. But I actually want SLO. I want to destroy the SSO session and not only the application session. I also configured front channel to make it work.
No, the problem is something different: If I use delegated SSO provider like Google or GitHub to authenticate against CAS (during Sign-In) and logout again, I am not only logged out from the SSO session that CAS manages but also from my Google or GitHub account. And that is what should not happen and is new behavior.
I wonder when this changed.
No, the problem is something different: If I use delegated SSO provider like Google or GitHub to authenticate against CAS (during Sign-In) and logout again, I am not only logged out from the SSO session that CAS manages but also from my Google or GitHub account. And that is what should not happen and is new behavior.
I wonder when this changed.
Andy Ng
Dec 6, 2020, 10:48:30 PM12/6/20
to CAS Community, Paul Roemer, denizg
Hi Paul,
I am also agreeing with you that logout with CAS doesn't mean logout Google account / other 3rd party account. However I don't spot such issue in my implementation.
I am using Google Delegated Authentication as well, I am using CAS 6.2.6.
No such issue spotted. Maybe you should try upgrading it to 6.2.6 see if the issue is fixed.
Cheers!
- Andy
Reply all
Reply to author
Forward
0 new messages