Re: [keycloak-user] OIDC certification: single logout with mod_auth_openidc
Our Javascript adapter supports the iframe session management stuff.
Also, OIDC added a logout endpoint. See front and back channel logout
specs:
http://openid.net/connect/
We may do something proprietary here, but no reason we can't support
those new specs.
On 9/26/16 7:53 AM, Valerij Timofeev wrote:
Hi,
I wonder whether the topic of Session Management will be covered by
the OIDC certification
https://issues.jboss.org/browse/KEYCLOAK-524
I'm asking this question because there is an issue with single logout
in mod_aut_openidc:
According tothe main mod_aut_openidc project's contributor Hans
Zandbelt the implementation in Keycloak "is not an implementation of
OpenID Connect's Session Management. Looking at the spec:
http://openid.net/specs/openid-connect-session-1_0.html#OPiframe..."
<http://openid.net/specs/openid-connect-session-1_0.html#OPiframe>
Details can be found in
https://github.com/pingidentity/mod_auth_openidc/issues/175
Best regards
Valerij
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
Attachments:
- attachment.html (text/html — 2.7 KB)