The problem is that the CAS server sends single sign out requests to the service URL. If you hard code config.rubycas.service_url this isn't a problem, but we don't want to do that for various reasons.
If you don't set the service_url, rubycas-client uses the current URI. However, typically these URI's are only valid for GET, but single sign out notifications are sent as POST. In Rails 3.0 this wasn't a problem, but Rails 3.1 responds with a 404 to the POST before the CAS filter runs.
The problem is that the CAS server sends single sign out requests to the service URL. If you hard code config.rubycas.service_url this isn't a problem, but we don't want to do that for various reasons.
If you don't set the service_url, rubycas-client uses the current URI. However, typically these URI's are only valid for GET, but single sign out notifications are sent as POST. In Rails 3.0 this wasn't a problem, but Rails 3.1 responds with a 404 to the POST before the CAS filter runs.