[keycloak-dev] openid connect logout is weird
Stian Thorgersen
stian at redhat.com
Wed Feb 5 09:54:11 EST 2014
Haven't read up on OpenID Connect yet, but it does seem a bit hack'ish. With cors support I don't see why the same couldn't be achieved with a ajax request.
----- Original Message -----
> From: "Bill Burke" <bburke at redhat.com>
> To: keycloak-dev at lists.jboss.org
> Sent: Wednesday, 5 February, 2014 2:11:01 PM
> Subject: [keycloak-dev] openid connect logout is weird
>
> http://openid.net/specs/openid-connect-session-1_0.html
>
> They set up invisible iframes so that an app can query the auth server's
> iframe to check to see if the login cookie is still set. Doesn't that
> seem weird?
>
> Was kind of hoping for a REST interface back to the application like we
> currently have.
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
More information about the keycloak-dev
mailing list