You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Tim Worcester (Jira)" <ji...@apache.org> on 2020/11/02 23:26:00 UTC
[jira] [Issue Comment Deleted] (GUACAMOLE-519) Implement Single
Logout on OpenID Extension
[ https://issues.apache.org/jira/browse/GUACAMOLE-519?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tim Worcester updated GUACAMOLE-519:
------------------------------------
Comment: was deleted
(was: [~vnick], So calling the openid logout directly from the browser may cause CORS issues right? So I was looking to implement a listener in the openid module that would get the user logout event which would need to have the id_token from the openid provider. Then the guacamole-client backend could call the logout url with the id_token and log the user out.
(But I couldn't find a backend event for Invalidate Session or User Logout)
)
> Implement Single Logout on OpenID Extension
> -------------------------------------------
>
> Key: GUACAMOLE-519
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-519
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-auth-openid
> Environment: Ubuntu 16.04
> Tomcat 8
> Reporter: Kevin Chan
> Priority: Minor
>
> Currently when using OpenID Connect for authentication, when a user uses the logout link, they get re-authenticated and logged back in.
> Would like to override the logout to send an SLO and/or redirect user to a different site.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)