Reasons to use/not use HTML local storage?
kwessel at illinois.edu
Wed Dec 2 12:53:33 EST 2015
Thanks, Scott. Such a toggle might be useful if it exists or can be added in a future release.
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Tuesday, December 01, 2015 10:59 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: Reasons to use/not use HTML local storage?
On 12/1/15, 11:13 AM, "users on behalf of Wessel, Keith" <users-bounces at shibboleth.net on behalf of kwessel at illinois.edu> wrote:
>Turn which off? SAML logout or HTML local storage? I assume you mean turn off SAML logout and use HTML local storage for both purposes.
Something that actually isn't going to work out of the box is to remove SLO endpoints from your metadata, but then use the proprietary logout. That will try and propagate SAML logouts if it can do so, and then that will be a problem since the SPs won't be able to respond to your IdP (because of the missing SLO endpoint).
I can't recall that Marvin or I included some kind of toggle to avoid propagating logout (essentially restoring the previous logout behavior), but just modifying the logout view(s) should accomplish that by having it auto-select the "don't do global logout" choice the user is offered.
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users