" However, we may eventually re-implement one or both of the other two methods (iframe and link+popup) to support packaged software that requires direct interaction from the user's browser."
That's the concern we have here, that (I suspect) we have a lot of packaged software that might not support the SAML callback out of the box approach. Seems to make it work would require us to make modifications to all the apps in some way to handle the callback. These apps all have login urls, seems it would be less intrusive to use the method of sending back a page to the client after a CAS logout with all the logout urls embedded as iframes. I'm certainly no expert in this area though, we're just looking at our options but would prefer to avoid having a lot of work on all the client apps. Thanks for the prompt feedback by the way. -----Original Message----- From: Nathan Kopp [mailto:[email protected]] Sent: Thursday, 13 May 2010 1:42 AM To: [email protected] Subject: RE: [cas-user] CCC Single Sign Off Server Distribution? I agree with Marvin. You should use the built-in SAML functionality. We only re-implemented our protocol (as a layer on top of the SAML functionality) in order to support some existing clients that use our unique protocol. New clients will use the SAML protocol, and eventually we'll be upgrading our existing clients to use the SAML logout. However, we may eventually re-implement one or both of the other two methods (iframe and link+popup) to support packaged software that requires direct interaction from the user's browser. Nathan Kopp Applications Strategist Information Technology Group Campus Crusade for Christ, Int'l 407-826-2939 Office | 407-484-8485 Mobile | 407-826-2968 Fax -----Original Message----- From: Marvin Addison [mailto:[email protected]] Sent: Wednesday, May 12, 2010 9:26 AM To: [email protected] Subject: Re: [cas-user] CCC Single Sign Off Server Distribution? I would argue you'd be better served simply using the SAML-based single sign out feature that is supported in current CAS server and client versions. It works out of the box and lots of folks are using it. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail is confidential. If you are not the intended recipient you must not disclose or use the information contained within. If you have received it in error please return it to the sender via reply e-mail and delete any record of it from your system. The information contained within is not the opinion of Edith Cowan University in general and the University accepts no liability for the accuracy of the information provided. CRICOS IPC 00279B -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
