This is due to service cookie caching by the filter. If a service cookie is good, the filter caches it on the protected server, and populates environment variables from its contents. The cookie is then rechecked with the weblogin servers when more than a minute has elapsed since the last check.
The FAQ suggests the logout link of a protected service call a local logout script to destroy the cosign service cookie (i.e., cosign-servicename=null) before redirecting for global logout: Q: After I logout I can still access my Cosign Protected service for a small window of time. Is Cosign broken? What's wrong? A: Cosign is not broken and you have done nothing wrong. You merely need to customize and make use of the local logout script provided in scripts/logout. The filters have a cache time (default 2 minutes) during which they will not validate a user's status. As such, when a user returns post logout, the cache is still valid and the user is still "logged in" to that one site for a few seconds. To avoid this, simply call the local logout script which will re-direct the user to the main logout script. http://weblogin.org/faq.shtml andrew On Feb 1, 2012, at 3:26 PM, Chris Hecker wrote: > > I'm having weirdness with the centralized logout feature of cosign, and > before I try debugging the various pieces, I figured I'd ask if it was > actually normal. > > If I'm logged into a cosign protected page, and then I click a link to > go to the logout page, then logout, I can hit the back button to go back > to the original protected page. At first I thought this was just the > browser cache, but I can actually click links on that page and go to > other cosign protected pages that aren't in my cache. > > Looking at the headers a bit I notice the logout clears the "cosign" > cookie, but the "cosign-blah" cookie isn't cleared. > > I haven't thoroughly tested this, but it seems like if I go back and hit > refresh a while later, then it redirects to the login page like I'd expect. > > Do I have something misconfigured? Is there some delay? Do I need to > debug this at a lower level? > > Thanks, > Chris > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Cosign-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/cosign-discuss > > !DSPAM:4f29a76c8041627715042! > > > ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
