sso authentication process
Luk Claes
luk.claes at ugent.be
Wed Mar 7 03:52:08 EST 2007
Quoting Scott Battaglia <scott.battaglia at gmail.com>:
> CAS 3 does not currently support single sign out. CAS 3.1 will support
> single sign out. Though, I'm not sure if we would support the scenario
> where logging out of one particular application logged you out of everything
> (or even notified other applications).
>
> Our initial scenario would probably be if your CAS session timed out or you
> explicitly logged out of CAS it would notify all applications from that CAS
> session.
Notify via some queue mechanism or via an URL supplied by the application at
login or maybe something else?
The second option is what we were thinking about using if possible.
It's simple,
it can handle complicated logout procedures even if one uses third party
software that is not (easy) to change...
> But again, we haven't finalized everything yet so we are interested in
> feedback.
Maybe it's possible to have the users choose if they want to only log
out of the
application or log out of all applications linked to the CAS session?
Ofcourse even than it should be possible to keep using the initial scenario as
fall back (or the other as fall back for the initial scenario)...
Cheers
Luk
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Luk Claes e-mail: Luk.Claes at UGent.be
Directie ICT Afdeling ICT-Toepassingen Groep ICT-projecten
Universiteit Gent fax: +32 9 264 4994
Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
More information about the cas
mailing list