IDP logout in V3
Wessel, Keith
kwessel at illinois.edu
Mon Jun 29 11:18:17 EDT 2015
Got 'ya. As long as it fails rather than making the userj think they're logged out when they're not, it'll probably float around here.
Thanks very much,
Keith
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Friday, June 26, 2015 4:45 PM
To: Shib Users
Subject: RE: IDP logout in V3
> Thanks, Scott. By "generally", are there caveots for IDP logout with session
> cookies that I need to be aware of?
The edge case is if you deliver a SAML logout request that identifies the session but don't deliver the cookie. I don't believe I implemented anything yet to peg the NameID for later disposal, so that's a hole and I think it will fail the request.
-- Scott
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list