[security-dev] SP-initiated Single Log Out
Pedro Igor Silva
psilva at redhat.com
Wed Dec 3 20:03:11 EST 2014
Using front-channel SLO you need browser redirects. So you must send ?GLO=true to your SP from a browser.
But, if you are using back-channel SLO, I think you can invoke the IdP once with a ?GLO=true (using some http library) and it will invoke each SP to invalidate the session for the user. In this case, you need to pass the JSESSIONID from IdP, so it can restore user session and know the participants (SPs).
There is no API for that.
----- Original Message -----
From: "Adam Dong" <adamdong at vidder.com>
To: security-dev at lists.jboss.org
Sent: Wednesday, December 3, 2014 10:26:37 PM
Subject: [security-dev] SP-initiated Single Log Out
If I'd like to, from SP-side. initiate the SLO (single log out) programmatically (suppose it is the code behind a GUI "Logout" button), how to do that (which class and which method to call) ?
security-dev mailing list
security-dev at lists.jboss.org
More information about the security-dev