We have a SOA setup and use rubycas-server to enable SSO across services. We
noticed a problem when a user logs in from multiple browsers, the logout call
from one browser clears off all PGTs for username irrespective of the TGT.
However it doesn't clear off the ST, PT or even trigger a logout to the other
broser sessions.
What steps will reproduce the problem?
1. Login with a username from multiple browsers
2. Make sure PGTs are created for all the browser sessions
2. Logout from one of the browsers
4. Check the count of PGTs in the casserver db. None will be there
What version of RubyCAS-Server are you using? How is it installed (rubygem,
manual install)? How are you running it (webrick, mongrel, passenger,
etc.)?
Version- 1.8.7. Installed using rubygem. Running in apache-passenger setup
using LDAP Authentication.
Original issue reported on code.google.com by Subraman...@gmail.com on 18 Jul 2012 at 5:58
Original issue reported on code.google.com by
Subraman...@gmail.com
on 18 Jul 2012 at 5:58