Logout of O365/Shib/CAS

Benjamin Cherian benjamin.cherian at villanova.edu
Mon May 4 16:49:15 EDT 2015

We are testing Shibboleth IdP 3 (auth via CAS) with ADFS 3 and O365. Currently we had everything working, except logout. We setup our Shib server to use CAS client to authenticate via our existing CAS environment. We also implemented CAS SLO on the Shib servers. We turned session management/storage off completely in Shib as well.

Currently when we try to logout of office dev, it returns an error, because it is trying to use Shibboleth's logout URL, which returns an error, because. At that point the end user is not logged out of CAS or O365. We can try to redirect to the CAS logout page, but that doesn't log them out of the O365 portal.

What is the correct way to logout of CAS and logout of ADFS/O365? Is there a JSP or other code I should edit to sent them to CAS? Is there a way to specify in the SAML response that it is not an error?


More information about the users mailing list