Allow CAS app to participate in Shibboleth SLO
mzico opened this issue · comments
I tested in 4.1 ( with new 4.1.1 shibb patch ). Seems like SAML SLO is working perfectly but when we are initiating SLO from php app ( phpCAS, in this case ); it's not working.
Seems like CAS ticket ( which is issued by Shibboleth ) is still intact.
I have recorded a screencast which has three machines:
- https://test41saml.gluu.org [ my Gluu Server ]
- https://samlapp.gluu.org [ a shibboleth SP ]
- https://cas.gluu.org [ a cas app, phpCAS ]
Screencast: https://youtu.be/p6_pAu1a5LM
In this screencast, I tried:
- Login from SAML app, SSO good.
- Logout from SAML app, SSO good.
- Login from CAS app, SSO good
- Configured CAS app registration ( inside Gluu Server's "cas-protocol.xml.vm" ) so it can participate in Shibboleth SLO
- Tried Logout, not working. Session intact.
I am also attaching two logs:
- Successful SAML SLO
- Not successful CAS SLO.
- Note to check: issued ticket "ST-1584455312109-3FzcYp4ojdIw9BYxkAAE8vIHy" is also active in last section.
This should be assigned to Puja Sharma.
Got it, I sent invitation in SAML github group. After confirmation, we can reassign.
Re-adding log files, zip was bad before.
Just adding a note to self as I'll circle back to this.
This is probably not working because the relying-party.xml.template
RP Configuration doesn't contain profile configuration for the CAS protocol. This should be added to allow CAS applications to Participate to Shibboleth SLO