Re: [Dev] Configuring Single-Sign-On with OIDC(Backchannel Logout) in IS samples
On Tue, Mar 26, 2019 at 9:11 AM Isuranga Perera wrote: > Hi All, > > IS samples[1] allow the users to try out SSO with OIDC(scenario 02). In > this scenario, OIDC Session Management is used to invalidate > sessions(logout). However, OIDC supports 3 logout mechanisms as follow. > >1. Session Management >2. Back-channel Logout >3. Front-channel Logout > > If we're to provide scenarios for other two logout mechanisms we have to > disable session check feature used in session management. But this cannot > be done with the current implementation as it doesn't have any property to > change the logout mechanism used in the OIDC SSO scenario at the > application run time. > +1 to improve the code to check the session only in valid cases. Thanks ! > > Appreciate your insight on the priority of the $subject. > > [1] https://github.com/wso2/samples-is > > Best Regards > -- > *Isuranga Perera* | Software Engineer | WSO2 Inc. > +94 71 735 7034 | isura...@wso2.com > > -- Sagara Gunathunga | Director | WSO2 Inc. (m) +94712149951 | (w) +94 11 7435800 | (e) sag...@wso2.com ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Configuring Single-Sign-On with OIDC(Backchannel Logout) in IS samples
Hi All, IS samples[1] allow the users to try out SSO with OIDC(scenario 02). In this scenario, OIDC Session Management is used to invalidate sessions(logout). However, OIDC supports 3 logout mechanisms as follow. 1. Session Management 2. Back-channel Logout 3. Front-channel Logout If we're to provide scenarios for other two logout mechanisms we have to disable session check feature used in session management. But this cannot be done with the current implementation as it doesn't have any property to change the logout mechanism used in the OIDC SSO scenario at the application run time. Appreciate your insight on the priority of the $subject. [1] https://github.com/wso2/samples-is Best Regards -- *Isuranga Perera* | Software Engineer | WSO2 Inc. +94 71 735 7034 | isura...@wso2.com ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Force user reset password on their first login
Hi Team, My requirement is when the user logs in for the first time, they should be redirected to the change password screen. I'm not finding any supporting document for it, can you help me with the steps to implement the above-said functionality. Thanks Selva -- Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Development-f3.html ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev