Forcing logout with NativeSP
Stephen Chan
sychan at lbl.gov
Fri Sep 30 05:21:48 BST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9/29/11 5:23 PM, Cantor, Scott wrote:
>
> No, mostly because logout of a local app is not terribly useful,
I understand what you are saying from a Web SSO perspective, but in
our particular use case, it happens to be useful.
> and
> because your situation is pretty unusual. Almost all apps have a
> logout hook of some kind if they do anything at all.
This app does have a logout hook, and it was very useful for calling
the session logout code for SimpleSAMLPHP. I'd like to convert the app
to the native SP and use the same hook, however a browser redirect
introduces a lot more side effects than was originally planned for this
logout hook. I can still use the hook, I just wanted to explore other
options - such as expiring the SP session before even calling the CMS
logout code.
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.12 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk6FQ9wACgkQcVd2YI1BWAip+gCfUS5mniDApJlHGIazogcFzCEO
w9EAn2FOWJMr4LlXVh/zeEv4eswA8jq/
=Je0s
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20110929/ddbcda2f/attachment.html
More information about the users
mailing list