Hi. We're experiencing the same issue as noted here http://groups.google.com/group/google-apps-apis/msg/2a010bc76c267588?pli=1.
Simply stated, if a user browses away from their SSO authenticated mail session and walks away from the computer, the next person to sign on will get the previous users' email. The responses I've seen so far haven't really addresses the issue, since most require the user to click the sign out link in some way. It's inevitable that some will forget and we need something to mitigate the resulting security problems. Would it be possible for Google to add a bit of code on their end, perhaps checking a parameter requesting a session clear? Something like http://www.google.com/a/abc.com/?clearstate and kill the session cookies before issuing a redirect to our SSO? page. TIA -brian --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
