While it may "let user pass through without prompting credentials", the
user still cannot do any meaningful functionality, correct? I.e., any
updates/new reads/writes, etc.? The user is just seeing static info
from the time he did have a connect, right? If so, I think your
question is a general web application coding question (how do I blank
out pages from the user's cache), probably best asked on the user's
mailing list of the specific web service framework (Struts, Spring MVC,
etc.) you're using.
Glen
On 09/18/2012 05:42 PM, Gina Choi wrote:
I am using fediz-1.0.1 for SSO my application's Single Sign On. My STS is
ADFS2.0. When user clicks logout, we invalidate http session, but later if
the user browses any page of my application, it doesn't redirect user to
ADFS and let user pass through without prompting credentials. So, only way
to completely log out from my application is, user also need to either clear
up browser cookies or close the browser. This might causes confusion to
users. Any thought?
Thanks.
Gina Choi
--
View this message in context:
http://cxf.547215.n5.nabble.com/Logout-from-Fediz-from-single-web-application-tp5713780p5714103.html
Sent from the cxf-user mailing list archive at Nabble.com.
--
Glen Mazza
Talend Community Coders - coders.talend.com
blog: www.jroller.com/gmazza
