>>> What I need is a way to log out so when I'm requested my username and password again I can choose a different one. I also want to be able to log out and still use my application as an anonymous user. My app lets me do lots of things but it shows me less data than to an authenticated user in that case. >>> At the time where you logout from your application and access URL which do not require authentication, this should work.
>>> If the single sign out is a just fediz implementation limitation, but there's a way to log out from other implementations, then it's ok. >>> It's a limitation now in fediz. Thanks Oli ------ Oliver Wulff Blog: http://owulff.blogspot.com Solution Architect http://coders.talend.com Talend Application Integration Division http://www.talend.com ________________________________________ From: Federico Tello Gentile [[email protected]] Sent: 16 July 2013 20:37 To: [email protected] Subject: Re: Running Fediz Spring example webapp El 16/07/13 15:12, Oliver Wulff escribió: > What is your expectation of a logout? If you don't have an IDP > component and instead authenticate against LDAP directly within > Tomcat, you'll loose your application http session and all data > stored in the application session is gone. When you access the > application again, you're promted to enter username/password again > and a new application session is created. The purpose of single sign > on is that you got a session with the IDP and a session with each > application which you accessed since the login with the IDP. If you > "logout" from the application, the application session is gone, but > not the session with the IDP. There is also the concept of single > logout but this means that you logout from all the applications which > are accessed after the IDP session is created. Is this the > functionality you're looking for? > > Thanks My long term goal is to change the CAS authetication in my app with WS-Federation authentication. I guess there isn't single sign out support yet. https://issues.apache.org/jira/browse/FEDIZ-19 What I need is a way to log out so when I'm requested my username and password again I can choose a different one. I also want to be able to log out and still use my application as an anonymous user. My app lets me do lots of things but it shows me less data than to an authenticated user in that case. I don't think I'll be using Tomcat as the identity server. (There's an active directory here [https://186.33.232.65/] that I have to point to eventually). If the single sign out is a just fediz implementation limitation, but there's a way to log out from other implementations, then it's ok.
