Spring Security with CAS logout Issue

Hi,

I am facing a problem with logout of my CAS integrated with Spring security. My requirements are - when i click on the logout of my application - i need to logout of my application, and also invalidate the session in CAS and be redirected to the CAS login page on successful logout.

I am getting an Exception encountered - java.lang.IllegalStateException when i try to redirect my application using the customLogoutHandler to the CAS login page. My logout method in customLogoutHandler implementing Spring LgoutHandler is


public void logout(HttpServletRequest request, HttpServletResponse response,
Authentication auth) {
// TODO Auto-generated method stub

try {
response.sendRedirect("https://application URL /logout.jspa");

} catch (IOException e) {

e.printStackTrace();
}


}

From the logs in the application i see this exception - Exception encountered -
java.lang.IllegalStateException

Websites say that i am trying to redirect a page and one of the following has occurred before it:

A response header has been set before.
A forward() or include() has been invoked on the same response before.
More than 2KB of data is been written to response.
Less than 2KB is been written and flush() is invoked


Need some help in this.

Thanks,
Mckenzie

For whatever reason it seems like your container thinks the response has already been committed before doing the redirect. This is part of the servlet spec to throw this exception in this case. I think you are going to need to step through the code and figure out where that is happening.

Also please UseCodeTags <- click