I have six applications and I am using Jasig CAS for authenticating them. Jasig CAS's Single Sign On is working really good for me.
On the other hand, Single Sign Off is not working for me. When I logoff from one of the applications, I can not access to other applications from their root domain but I can access them by using their sub-services.
Example:
APP1 = http://domain.com/app1
APP2 = http://domain.com/app2
If I logoff from APP1, I can not reach to http://domain.com/app2 BUT I can reach to http://domain.com/app2/someservice
Info:
I am using ProxyPass to direct applications to Jasig CAS.
In Apache CAS web.xml, I have added:
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
My applications are based on Jsp and Django.
CAS Version : 3.3.10
----UPDATE----
I managed to solve 4 out of 6 applications by changing the "Satisfy" parameter of configurations of applications from "any" to "all".
2 out of 6 applications are deployed on Tomcat and to make them run on apache, mod_jk is used. When I try to enter any of those apps I get a redirection loop error. Because
1-) Application request ticket generating tickets from CAS
2-) CAS provides the ticket generating tickets
3-) Application resends ticket generating ticket to get the ticket
4-) CAS redirects to the main start page of the application
5-) Go back to state 1
When I look into the cas.log file I see
FormObjectClass not set. Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.
Error
Any suggestions ?