CAS logout and cookies elimination


Problem description

I just made a HelloWorld servlet and implemented CAS on it. I'm able to log in without problem and CAS is setting 3 cookies in my browser: the CASGT, and 2 JSESSIONID cookies, one for /cas and another for /helloWorld.

The problem is that when I then access https://blah:8443/cas/logout, I see the "logged out successfully" screen, but the cookies are still in my browser, so I'm not being logged out: I can get into /helloWorld again without the login screen showing up.

Do you know what I should do for CAS to delete the cookies it created when I log out?

Thanks in advance.

Recommended answer

CASGT cookie is set by CAS and should be unset by it. CAS logout procedure works like this:

  1. You actually go to the CAS logout page. The page should know the application which you are logging out from. One way is to redirect to the CAS logout page from your application, supplying the redirect-back URL as a parameter.

  2. Your cookie is erased and you are then redirected to your application via POST request.

  3. SingleSignOutFilter catches a special parameter "logoutRequest" and actually destroys the ticket/session mapping that it held from the very beginning and also invalidates the current session.

In order to debug CAS, enable TRACE level logging. This way you will know if the proper request was received or if the session has been invalidated.

I also advise you to look at the code of the org.jasig.cas.client.session package, which is quite simple.
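
A simplified model of the ticket/session mapping and "logoutRequest" handling described in the answer above, as an added example that is not part of the original answer and is not the CAS client's own code. The class `SingleLogoutModel`, its methods and the sample ticket and session ids are hypothetical, and the message layout (a SAML `LogoutRequest` whose `SessionIndex` carries the service ticket) is assumed from the CAS protocol.

```java
import java.io.StringReader;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/** Hypothetical model of application-side CAS single logout (no servlet API involved). */
public class SingleLogoutModel {
    private static final String SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol";

    // Service ticket -> application session id, recorded when the ticket is validated at login.
    private final Map<String, String> ticketToSession = new ConcurrentHashMap<>();
    // Live application sessions (stand-in for the container's JSESSIONID store).
    private final Map<String, String> sessions = new ConcurrentHashMap<>();

    public void login(String serviceTicket, String sessionId, String user) {
        sessions.put(sessionId, user);
        ticketToSession.put(serviceTicket, sessionId);
    }

    public boolean isLoggedIn(String sessionId) {
        return sessions.containsKey(sessionId);
    }

    /** Handles the value of the logoutRequest POST parameter; true if a session was destroyed. */
    public boolean handleLogoutRequest(String logoutRequestXml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // The POST body is untrusted input: refuse DOCTYPE declarations to rule out XXE.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder()
                .parse(new InputSource(new StringReader(logoutRequestXml)));
        NodeList idx = doc.getElementsByTagNameNS(SAMLP, "SessionIndex");
        if (idx.getLength() == 0) return false;               // not a usable logout request
        String ticket = idx.item(0).getTextContent().trim();
        String sessionId = ticketToSession.remove(ticket);    // destroy the ticket/session mapping
        return sessionId != null && sessions.remove(sessionId) != null; // invalidate the session
    }

    public static void main(String[] args) throws Exception {
        SingleLogoutModel app = new SingleLogoutModel();
        app.login("ST-1-constructed", "JSESSIONID-A", "alice"); // constructed sample values
        String req = "<samlp:LogoutRequest xmlns:samlp=\"" + SAMLP + "\" ID=\"LR-1\" Version=\"2.0\">"
                + "<samlp:SessionIndex>ST-1-constructed</samlp:SessionIndex></samlp:LogoutRequest>";
        System.out.println("logged in before: " + app.isLoggedIn("JSESSIONID-A"));
        System.out.println("session destroyed: " + app.handleLogoutRequest(req));
        System.out.println("logged in after: " + app.isLoggedIn("JSESSIONID-A"));
    }
}
```

In this model the application session survives until `handleLogoutRequest` runs, regardless of what happens to cookies on the /cas path, which is why the TRACE logs should be checked for the incoming "logoutRequest".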
