uhm-coe / authorizer

Authorizer is a WordPress plugin that uses Google, CAS, LDAP, or an OAuth2 provider for logins, and can prevent public access to a WordPress site. It also blocks repeated failed login attempts.

No logout when close CAS session #147

Open guaracheitor opened 6 months ago

guaracheitor commented 6 months ago

Hi everyone, and thank you for this great plugin!

I've managed a multisite WP. The login process is perfect, but if I close the CAS session, the WP session remains open.

Any hint?

Regards, Inti

figureone commented 6 months ago

Is your CAS server configured for SLO (Single Logout)? https://apereo.github.io/cas/7.0.x/installation/Logout-Single-Signout.html#single-logout-slo

If so, we can work on responding to that event notification. Our institution has it disabled so we never built the functionality to destroy the WordPress session on CAS logout.

Alternatively, you can shorten the length of the WordPress sessions so they invalidate quicker, requiring a round trip back to CAS to authenticate. This would at least shorten the time between CAS logout and WordPress logout. https://developer.wordpress.org/reference/hooks/auth_cookie_expiration/
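
The session-shortening workaround from the comment above, sketched as a must-use plugin so it applies to every site in a multisite network. This is an added example, not part of the thread or of Authorizer's code; the file name, function name, `EXAMPLE_AUTH_SESSION_CAP` constant and the one-hour default are assumptions.

```php
<?php
/**
 * Plugin Name: Cap login session lifetime (added example)
 *
 * Save as wp-content/mu-plugins/example-session-cap.php (hypothetical file name).
 * Must-use plugins load on every site of a multisite network without activation.
 */

// Hypothetical constant: define it in wp-config.php to override the default cap.
if ( ! defined( 'EXAMPLE_AUTH_SESSION_CAP' ) ) {
	define( 'EXAMPLE_AUTH_SESSION_CAP', HOUR_IN_SECONDS );
}

/**
 * Cap the lifetime WordPress gives a new login session.
 *
 * WordPress defaults to 2 days, or 14 days when "Remember Me" is checked.
 * Once the capped session expires, the next request has no valid WordPress
 * session and the user has to authenticate again, which sends CAS users
 * back to the CAS server.
 *
 * @param int  $length   Lifetime in seconds proposed by WordPress.
 * @param int  $user_id  ID of the user logging in (unused: the cap applies to everyone).
 * @param bool $remember Whether "Remember Me" was requested (unused: it is capped as well).
 * @return int Lifetime in seconds, never longer than the cap.
 */
function example_cap_auth_session( $length, $user_id, $remember ) {
	$cap = (int) EXAMPLE_AUTH_SESSION_CAP;
	if ( $cap <= 0 ) {
		// Misconfigured cap: keep the WordPress value rather than issue sessions that expire at once.
		return $length;
	}
	// Only ever shorten; a lifetime already below the cap is left alone.
	return min( (int) $length, $cap );
}
add_filter( 'auth_cookie_expiration', 'example_cap_auth_session', 99, 3 );
```

WordPress applies this filter when it sets the auth cookie at login, so sessions that were already open keep their original expiry until they lapse or the user logs out.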