Logout without closing the browser

Peter Schober peter.schober at univie.ac.at
Wed Dec 9 10:32:18 EST 2015

* Marvin Addison <marvin.addison at gmail.com> [2015-12-09 16:28]:
> First, we need to clarify the meaning of "logout." I'll define it as
> follows: the IdP session ends and the application sessions of all services
> accessed during the SSO session are ended. That definition I would argue is
> most consistent with user expectation.

So you claim. IMO users insisting on having "logout" have simply
internalized what we have told them for decades in pre-SSO
pre-federation days. As such you could just as well claim that they
are attempting the reverse of clicking "log in" on every application:
clicking logout on every application once they're done.

Anyway, since this has now moved into a discussion of what SLO is or
shoud/should be I'll have to drop a reference to the documentation
here, so that people ignorant of all the issues can have a look at
those themselfs, before we have to repeat everything here, poorly:
Of course updates for v3 will need to be reflected there, at some point.

More information about the users mailing list