While participating in the Fedora test day of Ipsilon, I encountered an issue with single log out (SLO). If I access an SP and authenticate, then go to the IdP in another browser tab and logout, I remain logged into the SP. The mellon cookie will still be valid. If logout is initiated from an SP, then SLO works properly.
It seems like we need to make IdP initiated logout trigger SLO.
Fields changed
milestone: => 1.0 owner: => rcritten
design_link: => status: new => accepted
patch_available: 0 => 1
IdP-initiated logout for current user using HTTP Redirect.
master: 5497278
status: accepted => assigned
resolution: => fixed status: assigned => closed
rhbz: => 0
Metadata Update from @nkinder: - Issue assigned to rcritten - Issue set to the milestone: 1.0 m4
Log in to comment on this ticket.