Single-point logout basically no configuration
The logout method of redirecting to Cas-server directly at the time of the original logout
@RequestSecurity = "Loginout", method = {requestmethod.get, requestmethod.post}) public String Loginout (HttpSession session) { session.invalidate (); return "redirect:https://demo.testcas.com/cas-server/logout"; }
But then, after the logout, it will eventually stay on this page.
Generally, this is not what we want.
What I want is that once the user logs out, go back to the login page.
Then re-modify the original project Logout method, as follows:
@RequestSecurity = "Loginout", method = {requestmethod.get, requestmethod.post}) public String Loginout (HttpSession session) { session.invalidate (); return "redirect:https://demo.testcas.com/cas-server/logout? " service=https://demo.testcas.com/cas-server/login"; }
A service suffix is added, and a URL is specified, meaning which page to return to after successful logout.
Then, in the cas-servlet.xml of the Cas-server project, find
<BeanID= "Logoutcontroller"class= "Org.jasig.cas.web.LogoutController"P:centralauthenticationservice-ref= "Centralauthenticationservice"P:logoutview= "Caslogoutview" p:followserviceredirects= "true"P:warncookiegenerator-ref= "Warncookiegenerator"P:ticketgrantingticketcookiegenerator-ref= "Ticketgrantingticketcookiegenerator" />
Add such a property: p:followserviceredirects= "true"
This means: After successful logout, if the service parameter is included, redirect to the URL specified by the service.
Single Sign-on CAS usage series:
- Single Sign-on CAS usage note (i): pre-preparation and configuring the SSL protocol for Cas-server
- Single Sign-on CAS usage (ii): Deploying CAS servers and clients
- Single Sign-on CAS usage Note (iii): Implement Custom Authentication User login
- Single Sign-on CAS usage note (iv): Add a verification code to the login page
- Single Sign-on CAS usage Note (v): Cas-client does not intercept static resources and requests that do not require a login.
- Single Sign-on CAS usage note (vi): Single-point logout, single sign-off
- Single Sign-on CAS usage note (vii): Analysis of server timeouts and client timeouts
- Single Sign-on CAS usage Note (eight): Using MAVEN's overlay for non-invasive transformation CAs
Single Sign-on CAS usage note (vi): Single-point logout, single sign-off