• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Paul Clapham
  • Rob Spoor
  • Junilu Lacar
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Carey Brown

Spring Security with CAS logout Issue

Posts: 21
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I am facing a problem with logout of my CAS integrated with Spring security. My requirements are - when i click on the logout of my application - i need to logout of my application, and also invalidate the session in CAS and be redirected to the CAS login page on successful logout.

I am getting an Exception encountered - java.lang.IllegalStateException when i try to redirect my application using the customLogoutHandler to the CAS login page. My logout method in customLogoutHandler implementing Spring LgoutHandler is

public void logout(HttpServletRequest request, HttpServletResponse response,
Authentication auth) {
// TODO Auto-generated method stub

try {
response.sendRedirect("https://application URL /logout.jspa");

} catch (IOException e) {



From the logs in the application i see this exception - Exception encountered -

Websites say that i am trying to redirect a page and one of the following has occurred before it:

A response header has been set before.
A forward() or include() has been invoked on the same response before.
More than 2KB of data is been written to response.
Less than 2KB is been written and flush() is invoked

Need some help in this.

Posts: 1682
Android Mac OS X IntelliJ IDE Spring Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For whatever reason it seems like your container thinks the response has already been committed before doing the redirect. This is part of the servlet spec to throw this exception in this case. I think you are going to need to step through the code and figure out where that is happening.

Also please UseCodeTags <- click
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
    Bookmark Topic Watch Topic
  • New Topic