https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19160
Bug ID: 19160
Summary: CAS Single Log Out
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
CAS allows not only Single Sign On, but also Single Log out.
Specification:
https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#233-single-logout
2.3.3 Single Logout
The CAS Server MAY support Single Logout (SLO). SLO means that the user gets
logged out not only from the CAS Server, but also from all visited CAS client
applications. If SLO is supported by the CAS Server, the CAS Server MUST send a
HTTP POST request containing a logout XML document (see Appendix C) to all
service URLs provided to CAS during this CAS session whenever a Ticket Granting
Ticket is explicitly expired by the user (e.g. during logout). CAS Clients that
do not support the SLO POST requests MUST ignore these requests. SLO requests
MAY also be initiated by the CAS Server upon TGT idle timeout.
Koha currently doesn't support this, but it should in order to improves patron
privacy and data security.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
