SLO session problem

Marc SAHIN marc.sahin at
Mon Mar 26 10:43:55 EDT 2018


We have activated SLO in IdP3.3 which delegates authentication process 
to CAS server.
However, we notice that when we sign out from web application, the 
shibboleth session is destroyed but the CAS TGT ticket still exist.
That cause to get access to web app with previous session.

How can we ensure that both Shibboleth session and CAS ticket are 
destroyed while signed out?

Here is SLO configuration in :

/idp.session.trackSPSessions = true//
//idp.session.secondaryServiceIndex = true//
//idp.session.defaultSPlifetime = PT2H//
//idp.session.slop = PT0S//

/idp.logout.elaboration = true//
//idp.logout.authenticated = false/

Thanks in advance.


Administrateur Systèmes
Pôle Système  - DSI - Université Lumière Lyon 2
04 78 77 26 66

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list