I've created a Wiki page under our "WishList" to capture Single Sign Out use cases/requirements.
If you guys can document this stuff in our Wishlist, it would make it easier when it comes to implementation time :-) http://www.ja-sig.org/wiki/display/CAS/Single+Sign+Out Thanks -Scott On 3/7/07, Maciej Wisniowski <[EMAIL PROTECTED]> wrote:
> We've not been very effective in educating our users about the distinct nature > of CAS sessions and application sessions. I'm sure some users know they are > distinct, others think they are the same and others think they are both > distinct and the same simultaneously. The situation is not helped by some > client applications redirecting to the CAS logout page and others always using > renew=true so the user can get quite mis-leading messages. > We had no such problems with users. Our architecture is that we have one entry point - page that lists available applications. On this page there is also 'Logout' button that redirects to CAS logout page. Every application has button 'Close' that causes that user is logged out of this application (session.invalidate()) and redirected to start page (one with applications list). Then, if user still wants to logout he may simply click Logout link. If he wants to enter to different application he just selects this from the list. It works good for us and is understood by the users. Although there may be use cases when there are direct jumps between aplications etc. and in general this architecture assumes that user always properly closes the applications. -- Maciej Wisniowski _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
-- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
