Re: [keycloak-dev] openid connect logout is weird
Haven't read up on OpenID Connect yet, but it does seem a bit hack'ish. With cors
support I don't see why the same couldn't be achieved with a ajax request.
----- Original Message -----
From: "Bill Burke" <bburke(a)redhat.com>
To: keycloak-dev(a)lists.jboss.org
Sent: Wednesday, 5 February, 2014 2:11:01 PM
Subject: [keycloak-dev] openid connect logout is weird
http://openid.net/specs/openid-connect-session-1_0.html
They set up invisible iframes so that an app can query the auth server's
iframe to check to see if the login cookie is still set. Doesn't that
seem weird?
Was kind of hoping for a REST interface back to the application like we
currently have.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev