shibboleth-dev - RE: Draft of config changes for multi-protocol support
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: "'RL 'Bob' Morgan'" <>
- Cc: "'Shibboleth Dev Team'" <>
- Subject: RE: Draft of config changes for multi-protocol support
- Date: Mon, 4 Apr 2005 20:20:13 -0400
- Organization: The Ohio State University
> On the other hand, just sticking a URL in here isn't really right, since
> what you want to say is "the Logout Service of my IdP"; but of course we
> don't get logout services, or metadata about them, until 2.0. So maybe
> this can just be left to the app for now ...
Right, well, my thinking was that the first building block is a defined
endpoint to clear a session, and have a simple parameter that tells it where
to send the user afterward.
So on top of that, you could build the link so the user ends up at your
"well-defined" page if that's what you want. The starting link just has to
send the user to this endpoint with that parameter.
But it would be a simple matter to support another optional URL in the
<md:LogoutService> element or even define the ResponseLocation attribute as
having this meaning when the Binding attribute is
urn:mace:shibboleth:sp:1.3:Logout, which is my tenative profile URI for "the
1.3 cookie clearing hack".
-- Scott
- Draft of config changes for multi-protocol support, Scott Cantor, 04/01/2005
- Re: Draft of config changes for multi-protocol support, Diego R. Lopez, 04/03/2005
- Re: Draft of config changes for multi-protocol support, RL 'Bob' Morgan, 04/04/2005
- RE: Draft of config changes for multi-protocol support, Scott Cantor, 04/04/2005
Archive powered by MHonArc 2.6.16.