Forcing logout with NativeSP
Kevin P. Foote
kpfoote at iup.edu
Thu Sep 29 21:19:55 BST 2011
Are you looking for something like this?
<Location ~ "^/Security/logout">
AuthType shibboleth
ShibRequireSession Off
require shibboleth
</Location>
------
thanks
kevin.foote
On Thu, 29 Sep 2011, Stephen Chan wrote:
-> Hi,
-> I'm working on shibboleth integration for a CMS we run and wanted
-> to get some suggestions for the best way to proceed.
->
-> There are 2 URL's used by the CMS to handle login and login,
-> /Security/login and /Security/logout. Using the native SP it is
-> straightforward to put a Shibboleth auth-type setting on
-> /Security/login and have all the appropriate attributes available to
-> be read by the web app.
->
-> The part that I would like advice on is how to handle logout. Is
-> there a way to configure Apache to require _no_ shibboleth session on
-> /Security/logout and have the Native SP module redirect to
-> /Shibboleth.sso/logout with a return URL? I would like for the
-> NativeSP shib session to be expired by the control returns to the CMS,
-> so that it can simply cleanup the CMS session.
->
-> The only way that comes to mind is to setup a mod_rewrite rule that
-> tests for auth_type being set to Shibboleth, and then redirecting to
-> /Shibboleth.sso/logout?return={original url} - but I was hoping for
-> something that was cleaner.
->
-> Thanks,
-> Steve
-> --
-> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
->
More information about the users
mailing list