Java – Federation – openid logout

Java

Try Federation with appengine I have implemented the authentication part, but logout caused some problems When users click Create logout URL, they will log out of my application, but they will not log out of the Federation provider Stack overflow seems to have this behavior I know federal write off is impossible

Google Docs –

"You should urge users to clear all cookies except logout if they use a computer that does not belong to them and use a self-service terminal in public places. (a less attractive option is to tell users to log out of your application and then go to their openid provider's website and log out from there.) “

I don't want to ask users to clear cookies or visit the provider's site and log out - question: is there any way to automatically clear cookies (especially those set at login) once users click exit?

Solution

You can clear all cookies on your own website by sending a new null value... Unless your website places cookies in multiple subdomains!

Cookies in other domains cannot be cleared using links on your web page Giving JavaScript this power can be disastrous Errors in a single page may force me to log in again on all other sites, and it may take several times to notice the pattern This can become very annoying!

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>