cas-projects / cas-sample-java-webapp

Sample Java web app protected by Java CAS client

The cas client cannot receive the cas server single logout callback. Maybe I missed some config? #12

Open puzzledz opened 5 years ago

puzzledz commented 5 years ago

The relevant part of the cas client log:

[INFO] jetty-9.3.6.v20151106
log4j: reset attribute= "false".
log4j: Threshold ="null".
log4j: Level value for root is  [DEBUG].
log4j: root level set to DEBUG
log4j: Class name: [org.apache.log4j.ConsoleAppender]
log4j: Parsing layout of class: "org.apache.log4j.PatternLayout"
log4j: Setting property [conversionPattern] to [%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n].
log4j: Adding appender named [console] to category [root].
2019-06-04 20:57:54 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/
2019-06-04 20:57:54 DEBUG AuthenticationFilter:170 - no ticket and no assertion found
2019-06-04 20:57:54 DEBUG AuthenticationFilter:178 - Constructed service url: http://localhost:8083/sample/
2019-06-04 20:57:54 DEBUG AuthenticationFilter:183 - redirecting to "http://localhost:8443/cas/login?service=http%3A%2F%2Flocalhost%3A8083%2Fsample%2F"
2019-06-04 20:58:39 DEBUG SingleSignOutHandler:242 - Recording session for token ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI
2019-06-04 20:58:39 DEBUG HashMapBackedSessionMappingStorage:56 - Attempting to remove Session=[1rqd7mb71lgjfdtp10pb9qwq4]
2019-06-04 20:58:39 DEBUG HashMapBackedSessionMappingStorage:64 - No mapping for session found.  Ignoring.
2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:201 - Attempting to validate ticket: ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI
2019-06-04 20:58:39 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:104 - Placing URL parameters in map.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:112 - Calling template URL attribute map.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:115 - Loading custom parameters from configuration.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:189 - Constructing validation url: http://localhost:8443/cas/p3/serviceValidate?ticket=ST-1-mwxFGto4bRMcxppIs2We-DESKTOP-9HOHOSI&service=http%3A%2F%2Flocalhost%3A8083%2Fsample%2F&authn_method=mfa-duo
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:192 - Retrieving response from server.
2019-06-04 20:58:39 DEBUG Cas30ServiceTicketValidator:199 - Server response: <cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>casuser</cas:user>
        <cas:attributes>
            <cas:longTermAuthenticationRequestTokenUsed>false</cas:longTermAuthenticationRequestTokenUsed>
            <cas:isFromNewLogin>true</cas:isFromNewLogin>
            <cas:authenticationDate>2019-06-04T20:58:38.719+08:00[Asia/Shanghai]</cas:authenticationDate>
            <cas:authenticationMethod>AcceptUsersAuthenticationHandler</cas:authenticationMethod>
            <cas:successfulAuthenticationHandlers>AcceptUsersAuthenticationHandler</cas:successfulAuthenticationHandlers>
            </cas:attributes>
    </cas:authenticationSuccess>
</cas:serviceResponse>

2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:207 - Successfully authenticated user: casuser
2019-06-04 20:58:39 DEBUG Cas30ProxyReceivingTicketValidationFilter:217 - Redirecting after successful ticket validation.
2019-06-04 20:58:39 DEBUG CommonUtils:356 - serviceUrl generated: http://localhost:8083/sample/

cas client web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

<!--
   <context-param>
       <param-name>renew</param-name>
       <param-value>true</param-value>
   </context-param>
-->

    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <!-- <param-value>https://mmoayyed.unicon.net:8443/cas</param-value> -->
            <param-value>http://localhost:8443/cas</param-value>
        </init-param>
    </filter>

    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>

    <filter>
        <filter-name>CAS Authentication Filter</filter-name>
        <!--<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>-->
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
        <init-param>
            <param-name>casServerLoginUrl</param-name>
            <!-- <param-value>https://mmoayyed.unicon.net:8443/cas/login</param-value> -->
            <param-value>http://localhost:8443/cas/login</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <!-- <param-value>https://mmoayyed.unicon.net:9443</param-value> -->
            <param-value>http://localhost:8083</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>CAS Validation Filter</filter-name>
        <!--<filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>-->
        <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <!-- <param-value>https://mmoayyed.unicon.net:8443/cas</param-value> -->
            <param-value>http://localhost:8443/cas</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <!-- <param-value>https://mmoayyed.unicon.net:9443</param-value> -->
            <param-value>http://localhost:8083</param-value>
        </init-param>
        <init-param>
            <param-name>redirectAfterValidation</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>useSession</param-name>
            <param-value>true</param-value>
        </init-param>
        <!--
        <init-param>
            <param-name>acceptAnyProxy</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>proxyReceptorUrl</param-name>
            <param-value>/sample/proxyUrl</param-value>
        </init-param>
        <init-param>
            <param-name>proxyCallbackUrl</param-name>
            <param-value>https://mmoayyed.unicon.net:9443/sample/proxyUrl</param-value>
        </init-param>
        -->
        <init-param>
            <param-name>authn_method</param-name>
            <param-value>mfa-duo</param-value>
        </init-param>
    </filter>

    <filter>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS Validation Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS Authentication Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <filter-mapping>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <welcome-file-list>
        <welcome-file>
            index.jsp
        </welcome-file>
    </welcome-file-list>
</web-app>

I also registered the service with the cas server and set cas.serviceRegistry.initFromJson=true. The cas server service definition:

{
  "@class": "org.apereo.cas.services.RegexRegisteredService",
  "serviceId": "^(https|imaps|http)://localhost:8083.*",
  "name": "Localhost8083",
  "id": 10000006,
  "description": "this is a localhost service",
  "evaluationOrder": 10000000,
  "logoutType" : "BACK_CHANNEL",
  "logoutUrl" : "http://localhost:8083/sample",
  "attributeReleasePolicy": {
    "@class": "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  }
}

When I run http://localhost:8443/cas/logout (cas server), the cas client cannot receive the cas server single logout callback. The relevant part of the cas server log:

2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultLogoutManager] - <Handling single logout callback for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Processing logout request for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]...>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] supports single logout and is found in the registry as [id=10000000,name=ShiroClient-demo,description=ShiroClient-demo service,serviceId=^(https|imaps|http)://localhost:8083.*,usernameAttributeProvider=org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider@d,theme=demo,evaluationOrder=100,logoutType=BACK_CHANNEL,attributeReleasePolicy=org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy@c34d45[attributeFilter=<null>,principalAttributesRepository=org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository@608ee0f5[],authorizedToReleaseCredentialPassword=false,authorizedToReleaseProxyGrantingTicket=false,excludeDefaultAttributes=false,principalIdAttribute=<null>,allowedAttributes=[school_multi, email]],accessStrategy=org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy@1f1ad3ff[enabled=true,ssoEnabled=true,requireAllAttributes=true,requiredAttributes={},unauthorizedRedirectUrl=<null>,caseInsensitive=false,rejectedAttributes={}],publicKey=<null>,proxyPolicy=org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy@4dc523be,logo=<null>,logoutUrl=http://localhost:8083/logout,requiredHandlers=[],properties={},multifactorPolicy=org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy@7901c19e[multifactorAuthenticationProviders=[],failureMode=CLOSED,principalAttributeNameTrigger=<null>,principalAttributeValueToMatch=<null>,bypassEnabled=false],informationUrl=<null>,privacyUrl=<null>,<null>]. Proceeding...>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceLogoutUrlBuilder] - <Logout request will be sent to [http://localhost:8083/logout] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout url [http://localhost:8083/logout] for service [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating logout request for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] and ticket id [ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout request [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]] created for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] and ticket id [ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Logout type registered for [org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML]] is [BACK_CHANNEL]>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Creating back-channel logout request based on [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.SamlCompliantLogoutMessageCreator] - <Generated logout message: [<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-3-UwxHvvQlWqFwQlg6OqWrDOsmHhyC1SQsM6j" Version="2.0" IssueInstant="2019-06-04T21:30:38Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI</samlp:SessionIndex></samlp:LogoutRequest>]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Preparing logout request for [http://localhost:8083/sample/] to [http://localhost:8083/logout]>
2019-06-04 21:30:38,162 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Prepared logout message to send is [org.apereo.cas.logout.LogoutHttpMessage@2ff024[url=http://localhost:8083/logout,message=<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="LR-3-UwxHvvQlWqFwQlg6OqWrDOsmHhyC1SQsM6j" Version="2.0" IssueInstant="2019-06-04T21:30:38Z"><saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">@NOT_USED@</saml:NameID><samlp:SessionIndex>ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI</samlp:SessionIndex></samlp:LogoutRequest>,asynchronous=true,contentType=application/x-www-form-urlencoded,responseCode=0]]. Sending...>
2019-06-04 21:30:38,163 DEBUG [org.apereo.cas.logout.DefaultLogoutManager] - <Captured logout request [org.apereo.cas.logout.DefaultLogoutRequest@32c309f0[ticketId=ST-2-Cz1Eyy9fTLSPWcbJTcro-DESKTOP-9HOHOSI,service=org.apereo.cas.authentication.principal.SimpleWebApplicationServiceImpl@78fbff0b[id=http://localhost:8083/sample/,originalUrl=http://localhost:8083/sample/,artifactId=<null>,principal=casuser,loggedOutAlready=true,format=XML],status=SUCCESS]]>
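
Added example, not part of the original post or the project's code: a Python check that reads CAS server DEBUG lines like those above and reports which registration the single logout matched and where the back-channel POST was sent. The sample lines are shortened from the log in the post; `audit_slo` and its parameters are hypothetical names, and treating the service URL's path as the web app's context path is an assumption.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: two server DEBUG lines shortened ("...") from the log in the post.
SAMPLE_LOG = """\
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler] - <Service [...[id=http://localhost:8083/sample/,...]] supports single logout and is found in the registry as [id=10000000,name=ShiroClient-demo,serviceId=^(https|imaps|http)://localhost:8083.*,evaluationOrder=100,logoutType=BACK_CHANNEL,logoutUrl=http://localhost:8083/logout,requiredHandlers=[]]. Proceeding...>
2019-06-04 21:30:38,161 DEBUG [org.apereo.cas.logout.DefaultSingleLogoutServiceLogoutUrlBuilder] - <Logout request will be sent to [http://localhost:8083/logout] for service [...[id=http://localhost:8083/sample/,...]]>
"""

# Registration the server actually matched, with its evaluationOrder and logoutUrl.
MATCHED = re.compile(r"found in the registry as \[id=(\d+),name=([^,]+),"
                     r".*?evaluationOrder=(\d+),.*?logoutUrl=([^,\]]+)")
# Target of the back-channel POST and the service URL it belongs to.
SENT = re.compile(r"Logout request will be sent to \[([^\]]+)\] for service \[.*?\[id=([^,]+),")


def audit_slo(log_text, expected_id, expected_logout_url):
    """Return findings about which registration matched and where the logout went."""
    findings = []
    for line in log_text.splitlines():
        m = MATCHED.search(line)
        if m:
            sid, name, order, url = int(m[1]), m[2], int(m[3]), m[4]
            if sid != expected_id:
                findings.append(f"matched registration id={sid} ({name}, "
                                f"evaluationOrder={order}) instead of id={expected_id}")
            if url != expected_logout_url:
                findings.append(f"registry logoutUrl={url}, expected {expected_logout_url}")
        s = SENT.search(line)
        if s:
            target, service = urlsplit(s[1]), urlsplit(s[2])
            # Assumption: the service URL's path ("/sample") is the context path
            # under which the client's SingleSignOutFilter is mapped.
            base = service.path.rstrip("/")
            inside = (target.path + "/").startswith(base + "/")
            if target.netloc != service.netloc or not inside:
                findings.append(f"logout POST to {s[1]} falls outside service {s[2]}")
    return findings


if __name__ == "__main__":
    for finding in audit_slo(SAMPLE_LOG, 10000006, "http://localhost:8083/sample"):
        print(finding)
```

CAS evaluates registrations in ascending evaluationOrder, so when two serviceId patterns overlap, the registration with the lower value is matched first.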