Hi Jan What do you think about making this configurable for both cases? In this release we can also change the DB schema quite easily. Thanks Oli
Von meinem Samsung Gerät gesendet. -------- Ursprüngliche Nachricht -------- Von: Jan Bernhardt <[email protected]> Datum: 13.03.2015 09:14 (GMT+01:00) An: [email protected], [email protected] Betreff: AW: [Fediz] Single Logout Flow at IDP It is not urgent from my point of view. Since the logout behavior will change I think it would be great to have this change in 1.2.0 and not in a bug-fix release. But it would also be ok IMHO. Best regards Jan > -----Ursprüngliche Nachricht----- > Von: Colm O hEigeartaigh [mailto:[email protected]] > Gesendet: Donnerstag, 12. März 2015 17:56 > An: [email protected] > Betreff: Re: [Fediz] Single Logout Flow at IDP > > Hi Jan, > > Yeah that makes sense IMO. Perhaps a task for 1.2.1 though or do you need it > for > 1.2.0? > > Colm. > > On Thu, Mar 12, 2015 at 4:51 PM, Jan Bernhardt <[email protected]> > wrote: > > > Hi Fediz Developer, > > > > I was wondering about the logout flow at the IDP. Currently we get a > > logout page first with a list of active RPs, then we need to confirm > > to do the actual logout. > > > > The WS-Federation standard describes two actions: wsignout1.0 and > > wsingoutcleanup1.0 > > > > Currently we treat both actions alike in Fediz IDP. I would suggest to > > change the logout behavior to only show the confirm dialog if > > wsignout1.0 is called and after confirmation navigating to the > wsingoutcleanup1.0 URL. > > If wsingoutcleanup1.0 is called directly we should not show a > > confirmation dialog but logout directly. > > > > This way we could also better support a federated logout scenario with > > multiple IDPs, without the need to confirm on each IDP individually. > > > > WDYT? > > > > Best regards > > Jan > > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com
