Terminate session if user does not accept terms&conditions

[Cantor, Scott]

(By which I mean you'd have to be able to identify the shared machines by network or whatever.)

-- Scott

On 6/10/21, 9:07 AM, "users on behalf of Cantor, Scott" <users-bounces at shibboleth.net on behalf of cantor.2 at osu.edu> wrote:

    On 6/10/21, 9:01 AM, "users on behalf of Oluf Færø" <users-bounces at shibboleth.net on behalf of ofa at klintra.fo> wrote:

    >    The current behaviour may be an issue when a public computer is used to start a service provider initiated
    > SAML2 login flow.

    SSO is impossible to rely on for a public computer, this is merely the tip of that iceberg. What you would want to do at minimum is hardwire in the flag that always prevents session use there but the most reliable fix is just hardwiring all the login flows to never persist, there's a condition to control that.

    -- Scott


    -- 
    For Consortium Member technical support, see https://urldefense.com/v3/__https://wiki.shibboleth.net/confluence/x/coFAAg__;!!KGKeukY!mj0DhJawsz4hoB6HmqE_sSjwcHVqitILMa_aAwnwK8W0sarA1RULh-2htohCaAU$ 
    To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net