I'm using CAS 4 in my project. I have two applications. I successfully logged in to application 1. If I redirect to application 2 from application 1, CAS forces me to provide credentials again, regardless of whether or not a previous session exists. I didn't log out or close the browser, but it asks for authentication for every application.
I have CAS Server 4.0 and Client 3.4.1, and I have also configured the CAS client in the web.xml of each application.
web.xml
<filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>http://localhost:8080/cas</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
    <filter-name>CAS Authentication Filter</filter-name>
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    <init-param>
        <param-name>casServerLoginUrl</param-name>
        <param-value>http://localhost:8080/cas/login</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8080</param-value>
    </init-param>
    <init-param>
        <param-name>gateway</param-name>
        <param-value>false</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS Validation Filter</filter-name>
    <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
    <init-param>
        <param-name>casServerUrlPrefix</param-name>
        <param-value>http://localhost:8080/cas</param-value>
    </init-param>
    <init-param>
        <param-name>serverName</param-name>
        <param-value>http://localhost:8080</param-value>
    </init-param>
</filter>
<filter>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>CAS Authentication Filter</filter-name>
    <url-pattern>/login.do</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
    <filter-name>CAS Validation Filter</filter-name>
    <url-pattern>/proxyCallback</url-pattern>
</filter-mapping>
<context-param>
    <param-name>renew</param-name>
    <param-value>false</param-value>
</context-param>
Continuing my discussion: I debugged the CAS Server, and it shows the following:
[org.jasig.cas.CentralAuthenticationServiceImpl] - [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - [org.jasig.cas.ticket.registry.DefaultTicketRegistry] - [org.jasig.cas.CentralAuthenticationServiceImpl] -
[org.jasig.cas.logout.SamlCompliantLogoutMessageCreator] - @NOT_USED@samlp:SessionIndexST-2-jp9ydEyiFuT9hlKw2SaK-org.in]> [org.jasig.cas.logout.LogoutManagerImpl] - http://abc.in:8888/app1/login.do]> [org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app1/login.do>
[org.jasig.cas.logout.SamlCompliantLogoutMessageCreator] - @NOT_USED@samlp:SessionIndexST-1-DLttZgFyzfWmdpXVmB4a-org.in]> [org.jasig.cas.logout.LogoutManagerImpl] - http://abc.in:8888/app3/login.do]> [org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app3/login.do>
[org.jasig.cas.logout.SamlCompliantLogoutMessageCreator] - @NOT_USED@samlp:SessionIndexST-3-1tiTu9pcVaNs55O7FX4m-org.in]> [org.jasig.cas.logout.LogoutManagerImpl] - http://abc.in:8888/app2/login.do]>
[org.jasig.cas.ticket.registry.DefaultTicketRegistry] - [org.jasig.cas.ticket.registry.DefaultTicketRegistry] -
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -
WHO: audit:unknown WHAT: TGT-1-BEacZ4CpvMRxgSY5lEb5xvnGQ9fLgPjKJcjXj3BMKHjbQXCGJM-org.in ACTION: TICKET_GRANTING_TICKET_DESTROYED APPLICATION: CAS WHEN: Tue Jun 20 16:29:46 IST 2017 CLIENT IP ADDRESS: 10.191.53.54 SERVER IP ADDRESS: 10.191.53.54
[org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app2/login.do>
[org.jasig.cas.web.support.CookieRetrievingCookieGenerator] - [org.jasig.cas.web.support.CookieRetrievingCookieGenerator] -
[org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app1/login.do> [org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app2/login.do> [org.jasig.cas.util.SimpleHttpClient] - http://abc.in:8888/app3/login.do>
The issue here is that if I log out of app1, I am logged out of app1 and app3, but I'm unable to log out of app2. Its session is still alive. I'm using the same CAS client configuration in all three applications. I opened all three applications in separate tabs. What is the exact issue?
I think the issue is with app2. My web.xml is configured as above, and service tickets are validated in all applications. How can I trace the exact issue in the client (app2)?
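A client-side check for the two symptoms described above, as an added example that is not part of the original post or of the CAS project. It lints a CAS client web.xml for CAS URLs on plain http (a stock CAS server marks its CASTGC ticket-granting cookie Secure, so a browser will not return it over http), a `renew` value of `true`, and a Single Sign Out filter that is not mapped first on `/*`. The function name, the finding codes and the trimmed sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed from the web.xml in the post and wrapped in a <web-app> root.
SAMPLE = """<web-app>
<filter><filter-name>CAS Single Sign Out Filter</filter-name>
  <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class></filter>
<filter><filter-name>CAS Authentication Filter</filter-name>
  <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
  <init-param><param-name>casServerLoginUrl</param-name>
    <param-value>http://localhost:8080/cas/login</param-value></init-param></filter>
<filter-mapping><filter-name>CAS Single Sign Out Filter</filter-name>
  <url-pattern>/*</url-pattern></filter-mapping>
<filter-mapping><filter-name>CAS Authentication Filter</filter-name>
  <url-pattern>/login.do</url-pattern></filter-mapping>
<context-param><param-name>renew</param-name><param-value>false</param-value></context-param>
</web-app>"""

SSO_FILTER = "org.jasig.cas.client.session.SingleSignOutFilter"
CAS_URL_PARAMS = {"casServerUrlPrefix", "casServerLoginUrl"}

def text(el, tag):
    return (el.findtext(tag) or "").strip()

def lint_cas_web_xml(xml_text):
    """Return finding codes for a CAS client web.xml (hypothetical helper)."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                      # drop any Java EE namespace prefix
        el.tag = el.tag.split("}")[-1]
    findings, sso_names = [], set()
    for f in root.iter("filter"):
        if text(f, "filter-class") == SSO_FILTER:
            sso_names.add(text(f, "filter-name"))
    for p in list(root.iter("init-param")) + list(root.iter("context-param")):
        key, val = text(p, "param-name"), text(p, "param-value")
        # A Secure CASTGC cookie is not sent to an http:// CAS URL, so every
        # redirect to /login looks like a first visit and asks for credentials.
        if key in CAS_URL_PARAMS and val.lower().startswith("http://"):
            findings.append(f"plain-http:{key}")
        if key == "renew" and val.lower() == "true":   # renew=true bypasses SSO
            findings.append("renew-forces-login")
    mappings = [(text(m, "filter-name"), text(m, "url-pattern"))
                for m in root.iter("filter-mapping")]
    if not sso_names:
        findings.append("sso-filter-missing")
    elif not mappings or mappings[0][0] not in sso_names:
        findings.append("sso-filter-not-first")   # logout POST must reach it first
    elif mappings[0][1] != "/*":
        findings.append("sso-filter-not-global")  # callback URL may be uncovered
    return findings
```

Running `lint_cas_web_xml` over each application's own web.xml and comparing the results is a quick way to confirm whether app2 really carries the same filter setup as app1 and app3.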