Hi, Thanks again for bringing this up, we keep track of this requests to improve our products. Unfortunately there isn't a solution for a user walking away with the session/browser open, at the moment the best is to advise users to close the session/browser.
Julian On Oct 17, 1:57 pm, "Patricia Goldweic" <[EMAIL PROTECTED]> wrote: > Everybody is experiencing the same issue, and I second your request to > Google for some upgrade to their end that includes a 'logout' of some kind > (clearing cookies as you suggest) before the redirection to the partner SSO > happens. This would really help, and not just with respect to security. For > example, in our case, our Google Apps integration allows users to log in > consecutively to different accounts to share information with different > university courses, so we have the same kind of problem as you have. > -Patricia > > Patricia Goldweic > [EMAIL PROTECTED] > > > -----Original Message----- > > From: [email protected] > > [mailto:[EMAIL PROTECTED] On Behalf Of Brian > > Sent: Thursday, October 16, 2008 9:25 PM > > To: Google Apps APIs > > Subject: [google-apps-apis] SSO and security > > > Hi. > > > We're experiencing the same issue as noted here > >http://groups.google.com/group/google-apps-apis/msg/2a010bc76c > > 267588?pli=1. > > > Simply stated, if a user browses away from their SSO > > authenticated mail session and walks away from the computer, > > the next person to sign on will get the previous users' email. > > > The responses I've seen so far haven't really addresses the > > issue, since most require the user to click the sign out link > > in some way. > > It's inevitable that some will forget and we need something > > to mitigate the resulting security problems. > > > Would it be possible for Google to add a bit of code on their > > end, perhaps checking a parameter requesting a session clear? > > Something likehttp://www.google.com/a/abc.com/?clearstate > > and kill the session cookies before issuing a redirect to our > > SSO? page. > > > TIA > > > -brian > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
