Peter Schober peter.schober at
Fri Mar 8 06:28:51 EST 2013

* Bennett, Steve <s.bennett at> [2013-03-08 12:18]:
> If I understand it right, removing this handler would mean that
> logins would reauthenticate on every request, which would fall
> through to CoSign (which implements SSO and SLO). So would this give
> us better Single Logout behaviour, or would it cause something else
> to fail messily?

You should probably do that anyway, yes.
But no, it won't change a thing.
The subject's HTTP User Agent will have HTTP Cookies for each accessed
Service Provider (with a corresponding session there). Whatever you do
to your IdP or CoSign weblogin system can't change that (as you noted

More information about the users mailing list