[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [security-services] Server-Side State and Stateful Sessions
> So, if we insist on keeping the SOAP based SLO mandatory, I propose we > add some text that explains that some implementations do not lend > themselves well to logout messages that are not sent through the user > being logged out, and that SOAP based logouts should be used with such > implementations only in circumstances that require it, such as suspected > account compromise. Perhaps a possible metadata enhancement in the future would be preferencing indications on the different endpoints for a profile. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]