-
assigned issue to
Session Sec 2 - op_logout_url description
I think op_logout_url probably better described as the URL at the IdP that a client can redirect a user to for logging out at the OP.
Comments (8)
-
-
- changed component to Session
-
- changed title to Session Sec 2 - op_logout_url description
-
Actually, op_logout_url probably needs to be included in Messages. It is independent of Session management. Even without session management, client may want to signal the IdP to log the user out, and it needs normative language there. I am thinking of a shared computer use case.
Wrt shared computer in library use-case, the IdP session continuing even after the browser being closed is an issue. The next person may be impersonate the previous person. Do you have any ways to solve it?
-
-
assigned issue to
John will apply this clarification.
-
assigned issue to
-
reporter -
assigned issue to
-
assigned issue to
-
Mike will do with the other session management edits
-
- changed status to resolved
Fixed
#605- op_logout_url description→ <<cset 55b1d634da50>>
- Log in to comment