logout and misc Qs --shib idp

Steven Carmody Steven_Carmody at brown.edu
Mon Nov 5 16:28:04 EST 2012

On 11/5/12 2:29 PM, David Langenberg wrote:
> +++1 here too.  The lack of any sort of official logout support
> (closing the browser does not count when talking to most prospective
> SPs) is the single biggest problem I have in getting new projects to
> choose Shibboleth over legacy authentication.

we've deployed a page at our IDP that will delete the IDP's session cookie.

SPs can choose to redirect the user to this page if a user clicks LOGOUT 
at the SP site (after deleting all session cookies at the SP)

I believe there's also a version of the IDP page that asks the user 
whether or not they want to destroy the session at the IDP.

Would an approach like this address concerns from these SP operators ?

More information about the users mailing list