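CAS 3.1 is designed to support single sign out. Whenever an issued ticket expires, the logout protocol can be initiated. Clients that do not support logout may see extra requests in their logs that appear to do nothing.
... I gave up partway through translating... the content below is reorganized as far as I understood it -_ㅜ...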
Where Single Sign Out Works:
Clients / Languages whose session management is maintained on the server side. CAS clients can then access session information to end the session. The CAS client
Where Single Sign Out Doesn't Work:
Clients / Languages whose only session management consists of cookies. CAS does not have access to the browser's cookies and therefore cannot terminate a session. (However, closing a browser window should do that.)
How it works:
When a CAS session ends, it will call back to each of the services that are registered with the system and send a POST request with the following:
The URL that will be POSTed to is the original service url.
At this moment the session identifier is the same as the CAS Service Ticket (the service ticket should be sufficiently long to be secure). The session identifier should map back to a session which can be terminated (i.e. deleted from a database, expired, etc.)
Alternative future choices for this protocol would be to transfer the LogoutRequest via SOAP (like SAML 1.1 responses).
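The client side of the callback described above, as an added example that is not part of the original page or of any CAS client: it maps the session identifier in the POST back to a server-side session and ends it. It assumes the payload is the CAS protocol's `logoutRequest` form field carrying a `LogoutRequest` XML message with a `SessionIndex` element; `SessionStore`, `extract_session_index`, `handle_logout_post` and the sample message are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of the POSTed form field (not captured from a real server).
SAMPLE_LOGOUT_REQUEST = (
    '<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="LR-constructed" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">'
    "<samlp:SessionIndex>ST-1-constructedExampleTicket</samlp:SessionIndex>"
    "</samlp:LogoutRequest>"
)

class SessionStore:
    """Server-side sessions, indexed by the service ticket that created them."""
    def __init__(self):
        self._by_ticket = {}  # service ticket -> local session id
        self._sessions = {}   # local session id -> session data

    def create(self, session_id, service_ticket, user):
        self._sessions[session_id] = {"user": user}
        self._by_ticket[service_ticket] = session_id

    def is_active(self, session_id):
        return session_id in self._sessions

    def terminate_by_ticket(self, service_ticket):
        session_id = self._by_ticket.pop(service_ticket, None)
        if session_id is None:
            return False  # unknown or already-ended ticket: nothing to do
        self._sessions.pop(session_id, None)
        return True

def extract_session_index(xml_text):
    """Return the ticket in <SessionIndex>, or None if the message is unusable."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return None  # the callback arrives from the network: refuse DTDs/entities
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    if root.tag.rsplit("}", 1)[-1] != "LogoutRequest":
        return None
    for element in root.iter():
        if element.tag.rsplit("}", 1)[-1] == "SessionIndex" and element.text:
            return element.text.strip()
    return None

def handle_logout_post(form, store):
    """form: dict of POSTed fields. True only if a local session was ended."""
    ticket = extract_session_index(form.get("logoutRequest", ""))
    return ticket is not None and store.terminate_by_ticket(ticket)
```

Because the service ticket is the only thing tying the callback to a session, the ticket-to-session index has to be written at login, when the ticket is validated.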
Disabling Single Sign Out on the Server
Because not all clients support single sign out, you may need to disable it at the server level. Each ArgumentExtractor has a property called "disableSingleSignOut", which if set to true will make sure the callback does not occur.