Ryan, Thanks for the suggestion. Quick question, how can I determine which cookies on the user's machine to delete? Is there any documentation regarding this?
On Jan 16, 8:31 pm, "Ryan Shelley" <[EMAIL PROTECTED]> wrote: > This almost sounds like the token you're using for your SSO isn't being > removed from the browser's cookies. In theory, the next time someone goes > to Google mail, it should send them through your SSO again. It's then up to > your SSO to validate/invalidate the session. So it sounds to me like when > the new user logs in, the old user's token is still in the browser and not > being invalidated. Make sure that when the new user logs in, you clear any > existing cookies that may exist for the SSO before setting a new one. > > On Jan 16, 2008 4:13 PM, JWise1203 <[EMAIL PROTECTED]> wrote: > > > > > > > We have the following situation: > > > 1. Student A logs into Google mail via .NET SSO API from our student > > portal. > > 2. Student A reads their mail from a (window.open()) page. > > 3. Student A closes the Google mail window once finished (without > > clicking the "sign out" link). > > 4. Student A logs off the student portal (original referring page), > > but does not close the browser. > > 5. Student A leaves. > > 6. Student B (new) logs into the student portal using the same > > browser > > and their portal student information shows correctly. > > 7. Student B logs into Google mail (window.open()) and (wait for > > it) . . . they receive Student A's email account. > > > It looks like the "session" is not closing on the API request. > > Meaning, if Student A was successful in logging into the Google Mail > > service, then when Student B logs in, it is still authenticated and > > uses A's credentials. NOTE: When the student clicks "Sign Out", the > > page does load the next student's account login correctly, as > > expected. > > > Thoughts? > > > -Jared- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
