[
https://issues.apache.org/jira/browse/GUACAMOLE-519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tim Worcester updated GUACAMOLE-519:
------------------------------------
Comment: was deleted
(was: [~vnick], So calling the openid logout directly from the browser may
cause CORS issues right? So I was looking to implement a listener in the
openid module that would get the user logout event which would need to have the
id_token from the openid provider. Then the guacamole-client backend could
call the logout url with the id_token and log the user out.
(But I couldn't find a backend event for Invalidate Session or User Logout)
)
> Implement Single Logout on OpenID Extension
> -------------------------------------------
>
> Key: GUACAMOLE-519
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-519
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-openid
> Environment: Ubuntu 16.04
> Tomcat 8
> Reporter: Kevin Chan
> Priority: Minor
>
> Currently when using OpenID Connect for authentication, when a user uses the
> logout link, they get re-authenticated and logged back in.
> Would like to override the logout to send an SLO and/or redirect user to a
> different site.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
