Hi, Our CAS implements delegated logins as a SAML2 SP. After implementing our own logout action to circumvent the bug with delegated authentication logout requests and JPA ticket registry (https://groups.google.com/u/1/a/apereo.org/g/cas-user/c/DhrHL2alj08), everything seems to be working on our end. However we found out that CAS responds to IDP logout requests with a HTTP 302 redirect to the login page instead of returning a proper SAML2 logout success response to the caller.
This does not make sense in our case where the IDP makes front channel logout requests with ajax to all signed-in SPs. The IDP expects a SAML2 logout response so it shows our SP logout as failed when CAS returns HTTP 302. Is the logout response somehow configurable? SP should return a logout response to the IDP per the SAML2 protocol in any case. Tomi -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c472314d-b57b-447a-8e42-130882d0d6fen%40apereo.org.
