What is the mod_auth_cas logout callback URL?

[ssoguroo]

For example, when the user logs out in the application with /app1/exit, not only application should close application session, but SSO session should be invalidated. Else, after the application logout, it goes to SSO validation and comes back to Application Home Page.

In Siteminder this is achieved by using this directive in LocalConfig:

LogoffUri="/app1/exit"

How do we achive the same here?

[dhawes]

Most people write their own logout page to delete the mod_auth_cas cookies and then redirect to CAS to logout there. A discussion of this is at:

https://groups.google.com/a/apereo.org/forum/?utm_medium=email&utm_source=footer#!msg/cas-user/d8bfgEK-W0U/Jp6QxIOiBAAJ

You can also experiment with CASSSOEnabled to use the CAS protocol single sign out. Note that this is experimental in mod_auth_cas.

There has been discussion over the years about adding a directive to add some kind of logout endpoint that does this, but there is nothing currently available. I have a proof of concept, but it would take a decent amount of work to get it to pull request state.

[putt1ck]

We're hitting this issue and would be happy to collaborate on a solution.

[dhawes]

See #48