search

rubycas / rubycas-client

Ruby client for Yale's Central Authentication Service protocol -- an open source enterprise single sign on system for web applications.
http://code.google.com/p/rubycas-client/
Other
332 stars 217 forks source link

Can you please provide an explanation as to why the session_store and the tmp/session must be shared? #73

Open Altonymous opened 10 years ago

Altonymous commented 10 years ago

I am trying to implement single sign out.. and I'm confused as to why the /tmp/session directory must be shared between all servers?

Why isn't it enough that the session_store be shared?

https://github.com/rubycas/rubycas-client#re-authenticating-on-every-request-ie-the-single-sign-out-problem

Also, is it possible to use memcache instead of the database for a shared session store? Currently, I use memcache because it is MUCH faster than the database.

I would like to continue to do so.

Thanks for a great gem!

cthielen commented 10 years ago

+1 I'm not sure why we have to change our session store to use this. Is it so one can query a session by CAS ticket ID?