Shibboleth & Wordpress Logout
chris at fdu.edu
Fri Nov 9 13:29:50 EST 2012
I have implemented Wordpress v3.4.1 & Shibboleth SP v2.5.0 using the Shibboleth module. I have observed that SP and Wordpress session cookies are removed if a user logs out locally on the wordpress host but the Wordpress session cookies remain when I logout of Shibboleth from another SP. I am trying to figure out what options I have to deal with this security issue. Are there any settings I have overlooked? Is there an additional module I don't know about? Any suggestions on dealing with this vulnerability would be appreciated.
Thank you in advance,
More information about the users