Single sign-out: how to specify callback URL #26
Description
With single sign-out turned on, when I log out via the CAS server (as opposed to one of the consumer applications), the server tries notifying the consumers, using the "service" urls.
These service urls seem to have a fixed value: that that the Rails consumer app had when the before_filter caused a redirection for logging in.
Example:
- User logged out, has no ticket
- Tries going to my.app.com/foo
- Gets redirected to cas.server.com, and the ticket's service value gets bound to
my.app.com/foo - Uses the app for a while
- Goes to cas.server.com/logout, logs out
- Server notifies app, but sends a request to /foo (some arbitrary domain-specific functionality) rather than /logout (which would delete the app's login cookie).
How to supply a custom callback logout URL?