Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

In a non-federated suite of applications where the applications and authentication mechanism is controlled by a single institution,  logout is a simple requirement to implement. 

In a federated SSO scenario, to implement logout functionality, the following must be answered:

  • Will the user be using a shared workstation/kiosk where especially important that a previous user's session not be assessable by a new user?
  • At which college/district IDP did the user authenticate?
  • If a user is logged into to multiple applications, does logging out of one application mean the user should be logged out of all applications?  For example, if the user is logged into MyPath and Canvas, does logging out of MyPath also mean the user should be logged out of Canvas?





Reference

https://wiki.shibboleth.net/confluence/display/CONCEPT/SLOIssues

http://xacmlinfo.org/2013/06/28/how-saml2-single-logout-works/

https://www.portalguard.com/blog/2016/06/20/saml-single-logout-need-to-know/


  • No labels