<html>

  <head>

    <meta content="text/html; charset=windows-1252"

      http-equiv="Content-Type">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <p>Our Javascript adapter supports the iframe session management

      stuff.  Also, OIDC added a logout endpoint.  See front and back

      channel logout specs:</p>

    <p><a class="moz-txt-link-freetext" href="http://openid.net/connect/">http://openid.net/connect/</a></p>

    <p>We may do something proprietary here, but no reason we can't

      support those new specs.<br>

    </p>

    <br>

    <div class="moz-cite-prefix">On 9/26/16 7:53 AM, Valerij Timofeev

      wrote:<br>

    </div>

    <blockquote

cite="mid:CAOy2obE+xysjDifXcZCqojf2Un+mPre7FTcAHOkynuqyJgUSww@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div>

          <div>

            <div>Hi,<br>

              <br>

              I wonder whether the topic of Session Management will be

              covered by the OIDC certification<br>

              <a moz-do-not-send="true"

                href="https://issues.jboss.org/browse/KEYCLOAK-524">https://issues.jboss.org/browse/KEYCLOAK-524</a><br>

              <br>

              I'm asking this question because there is an issue with

              single logout in mod_aut_openidc:</div>

            According to<span class="gmail-vcard-fullname gmail-d-block">

              the main </span><span class="gmail-vcard-fullname

              gmail-d-block">mod_aut_openidc project's contributor Hans

              Zandbelt </span>the implementation in Keycloak "is not an

            implementation of OpenID Connect's Session Management.

            Looking at the spec: <a moz-do-not-send="true"

              href="http://openid.net/specs/openid-connect-session-1_0.html#OPiframe">http://openid.net/specs/openid-connect-session-1_0.html#OPiframe..."</a><br>

          </div>

          <div>Details can be found in <a moz-do-not-send="true"

              href="https://github.com/pingidentity/mod_auth_openidc/issues/175">https://github.com/pingidentity/mod_auth_openidc/issues/175</a>

            <br>

          </div>

          <div><br>

          </div>

          Best regards<br>

        </div>

        Valerij<br>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

keycloak-user mailing list

<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>

<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>

    </blockquote>

    <br>

  </body>

</html>