On 03/17/2014 04:02 PM, Paul B. Henson wrote:
From: Richard Frovarp
Sent: Monday, March 17, 2014 9:24 AM
You probably want the logout of a single system to log the user out of CAS.
Otherwise you could have surprising SSO's happen.
I dunno, it seems it would kind of defeat the purpose of "single sign-on", if
every time you stop using a single application you've got to sign on again to use a
different one...
But it isn't stop using an application (unless a timeout there forces a
logout of CAS). It's actually logging out of the application, and the
user desiring to remove their access to the system. What good is logging
out of an application if the only step required to get back in is
clicking the login button?
The SSO piece still works if the user enters in new URLs, or clicks
through links between different applications.
A surprising SSO is you logging out of a website, me sitting down,
clicking login, and then being you. That isn't the point of SSO.
Google works in a similar manner, except that they implement single sign
off between their systems as well.
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
