administratively terminate specific SP session
peter.schober at univie.ac.at
Wed Feb 21 13:40:18 EST 2018
* Scott Koranda <skoranda at gmail.com> [2018-02-21 19:26]:
> > > If not, will you entertain a feature request for such capability?
> > I'm willing (esp. if it's divorced from having to implement SAML
> > administrative logout and let the IdP know) but it won't work with the
> > client-side feature in V3 unless we come up with some ugly workaround
> > like a session blacklist I guess.
> I specifically wrote 'entertain' because I am not convinced, based on
> the other thread, the effort would be worth it. Especially if it cannot
> be recovered for V3.
I didn't understand the comments about a v3 SP to mean that it will no
longer be able to use server-side session storage?
If that's correct then whatever you do today you could still do with
v3, you just can't have it both ways: "stateless clustering" and
"server-side session removal" at the same time.
More information about the users