Terminate session if user does not accept terms&conditions
Peter Schober
peter.schober at univie.ac.at
Thu Jun 10 13:42:45 UTC 2021
* Oluf Færø <ofa at klintra.fo> [2021-06-10 15:00]:
> The current behaviour may be an issue when a public computer is used
> to start a service provider initiated SAML2 login flow.
Then this has nothing to do with Terms Of Use, really.
If this is not some thought experiment but you control (or can
influence) the deployment of those public computers I'd suggest to:
* make sure the browser is configured to delete all data when closing
(or maybe only ever start the browser in private browsing mode,
which should achieve the same thing),
* make available some easy and obvious way (e.g. a red button
somewhere) to exit the complete desktop session (e.g. X11,
MS-Windows, whatever) or at least close/restart the browser,
* put a sticker or sign on the monitor that advises people to use
the method from the previous step to "log off" once they're done,
adding that they are responsibe for any mis-/use that happens from
not following that simple step.
Best,
-peter
More information about the users
mailing list