It's not a Google cookie you should check, it's the cookie set by your SSO. Are you using a commercial SSO solution, or do you have your own customer app?
-Ryan On Jan 16, 2008 5:47 PM, JWise1203 <[EMAIL PROTECTED]> wrote: > > Ryan, > > Thanks for the suggestion. Quick question, how can I determine which > cookies on the user's machine to delete? Is there any documentation > regarding this? > > On Jan 16, 8:31pm, "Ryan Shelley" <[EMAIL PROTECTED]> wrote: > > This almost sounds like the token you're using for your SSO isn't being > > removed from the browser's cookies. In theory, the next time someone > goes > > to Google mail, it should send them through your SSO again. It's then up > to > > your SSO to validate/invalidate the session. So it sounds to me like > when > > the new user logs in, the old user's token is still in the browser and > not > > being invalidated. Make sure that when the new user logs in, you clear > any > > existing cookies that may exist for the SSO before setting a new one. > > > > On Jan 16, 2008 4:13 PM, JWise1203 <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > We have the following situation: > > > > > 1. Student A logs into Google mail via .NET SSO API from our student > > > portal. > > > 2. Student A reads their mail from a (window.open()) page. > > > 3. Student A closes the Google mail window once finished (without > > > clicking the "sign out" link). > > > 4. Student A logs off the student portal (original referring page), > > > but does not close the browser. > > > 5. Student A leaves. > > > 6. Student B (new) logs into the student portal using the same > > > browser > > > and their portal student information shows correctly. > > > 7. Student B logs into Google mail (window.open()) and (wait for > > > it) . . . they receive Student A's email account. > > > > > It looks like the "session" is not closing on the API request. > > > Meaning, if Student A was successful in logging into the Google Mail > > > service, then when Student B logs in, it is still authenticated and > > > uses A's credentials. NOTE: When the student clicks "Sign Out", the > > > page does load the next student's account login correctly, as > > > expected. > > > > > Thoughts? > > > > > -Jared- Hide quoted text - > > > > - Show quoted text - > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
