logout and misc Qs --shib idp

[David Langenberg]

+++1 here too.  The lack of any sort of official logout support
(closing the browser does not count when talking to most prospective
SPs) is the single biggest problem I have in getting new projects to
choose Shibboleth over legacy authentication.

Dave

On Mon, Nov 5, 2012 at 11:54 AM, Barry R. Ribbeck
<Barry.R.Ribbeck at rice.edu> wrote:
> ++1
>
> I have also experienced faculty not wanting use Shib due to not having a
> mechanism to log out cleanly.  Especially now with all of the major browser
> wanting to support cookie caching as the default behaviour I would like to
> throw my vote towards development in this area.
>
> Barry
>
>
>
>
> On 11/05/2012 12:42 PM, David Bantz wrote:
>
> +1
>
> I have service owners refusing to use Shibb or even backing out once
> integrated,
> citing concerns over automatic recovery of sessions.
>
> David Bantz
> UA OIT IAM
>
> On Mon, 5 Nov 2012, at 05:36 , "Cantor, Scott" <cantor.2 at osu.edu> wrote:
>
> I think a checkbox during login to bypass SSO on shared machines is a
> fairly crucial feature at this point to at least allow users with clue to
> protect themselves….
>
>
> Time permitting, we will still be looking at trying to build an IdP-only
> logout mechanism that formally clears that state using the standard
> protocol. Chad had planned to before he left the project, and I still hope
> to pick up that work.
>
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net



-- 
David Langenberg
Identity & Access Management
The University of Chicago