CAS SLO issue
204 views
Skip to first unread message
Soumya Tripathy
Jun 6, 2017, 10:41:17 AM6/6/17
to CAS Community
Hi,
I'm using cas-5.1.
My cas-client is configured to use host name as the url. But when I hit the https://192.168.2.2/cas/logout url, I'm getting cas logout success page but the SLO is not happening. I'm still able to access my client-app. In cas logs I'm getting the following errors.
2017-06-06 19:42:16,927 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout url [null] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@f0d68c7[id=http://sammachine:8090/sample-app/sample-client,originalUrl=http://sammachine:8090/sample-app/sample-client,artifactId=<null>,principal=adminuser,loggedOutAlready=false,format=XML]]>
2017-06-06 19:42:16,927 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@f0d68c7[id=http://sammachine:8090/sample-app/sample-client,originalUrl=http://sammachine:8090/sample-app/sample-client,artifactId=<null>,principal=adminuser,loggedOutAlready=false,format=XML]] does not support logout operations given no logout url could be determined.>But strangely when I configure my client to use ip address as the url (i.e insted of sammachine:8090/sample-app used 192.168.2.3:8090/sample-app), then SLO is working as expected.
Any configuration changes required in new cas-5.1.x ?
Also in older cas 4.1.x it is working with both ip address and host name.
Catalin Dobrea
Jun 6, 2017, 11:01:21 AM6/6/17
to CAS Community
Sounds as the issue described by myself here: SLO issue with hostname.local type url (version 5.1.0) I have asked this question on 1st of June if you scroll down.
solution was to provide a custom bean implementing SingleLogoutServiceLogoutUrlBuilder without URL validation.
The default implementation will do that weird url validation resulting in null url for logout, hence the logout will be skipped
hope it helps
solution was to provide a custom bean implementing SingleLogoutServiceLogoutUrlBuilder without URL validation.
The default implementation will do that weird url validation resulting in null url for logout, hence the logout will be skipped
hope it helps
Soumya Tripathy
Jun 6, 2017, 1:45:37 PM6/6/17
to CAS Community
Thanks for the solution. Any snippet or pointer on how to implement this custom bean would be great help.
darKu
Jun 6, 2017, 3:20:54 PM6/6/17
to cas-...@apereo.org
Try this one. Skip the handler steps, the idea is to inject that custom spring configuration via spring factories, afterwards you can create a new bean implementing the mentioned interface with same logic as in the default one but without any validation. Read my initial question there is mentioned the default logout url builder.
Cheers!
--To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ece42c92-9225-4e69-8b16-2103dd867f9a%40apereo.org.
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscribe@apereo.org.
Reply all
Reply to author
Forward
0 new messages