Before doing these actions it is assumed that you have successfully: Launched JasperReports Server; Launched CAS; Integrated JasperReports Server authentication process via CAS; This quick tutorial will try to give you enough information to successfully let you implement JasperServer logout functionality that it could invalidate CAS session. JasperReports Server v6.0.1. All actions will need to be done in the file, applicationContext-security-web.xml . In the filterChainProxy bean add to the filter-chain filters attribute with the pattern attribute of /** these values: logoutFilter,casSingleSignOutFilter. It can look something like this: <security:filter-chain pattern="/**"
filters="httpSessionContextIntegrationFilter,encryptionFilter,delegatingCASSingleSignOutFilter,multipartRequestWrapperFilter,webAppSecurityFilter,jsCsrfGuardFilter,${bean.loggingFilter},${bean.userPreferencesFilter},delegatingPreAuthenticatedFilter,delegatingAuthenticationProcessingFilter,${bean.userPreferencesFilter},delegatingBasicProcessingFilter,delegatingRequestParameterAuthenticationFilter,JIAuthenticationSynchronizer,anonymousProcessingFilter,delegatingExceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter,iPadSupportFilter,authenticationProcessingFilter,logoutFilter,casSingleSignOutFilter"/>
Add two filters and listener: <bean id="logoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-arg value="https://localhost:6443/cas/logout"/>
<constructor-arg>
<list>
<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
<property name="filterProcessesUrl" value="/login.html"/>
</bean>
<bean id="casSingleSignOutFilter"
class="org.jasig.cas.client.session.SingleSignOutFilter"></bean>
<bean id="casSingleSignOutHttpSessionListener"
class="org.jasig.cas.client.session.SingleSignOutHttpSessionListener"></bean>
Property filterProcessesUrl with the value of "/login.html" will redirect jasper/login.html to cas/logout page