[mitreid-connect] Session Management
Justin Richer
jricher at MIT.EDU
Tue Jun 3 08:17:46 EDT 2014
Hi,
Sorry, I thought for sure I had responded to this. At the moment, there
are no concrete plans to implement the session management specification
before it finalizes. There hasn't been demand for it (yet) and there
aren't many implementations of it to go off of. Even Google, who wrote
the original spec, has diverged from the current version in their own
implementation.
Revoking all tokens for a user wouldn't really enable single logout.
Each RP you're signing in to isn't going to be going through an
authentication step with every page load, it's more likely going to have
its own local session with the user. This session will continue whether
or not the ID Token and Access Token are still valid.
-- Justin
On 6/2/2014 9:36 AM, Christian Metzler wrote:
> Is this Mailing List up to date? Or is there a different way to get answers to my questions on MitreID Connect?
>
> Am 19.05.2014 um 11:04 schrieb Christian Metzler <Christian.Metzler at abas.de>:
>
>> Hi,
>>
>> I'm currently evaluating the MitreID Connect implentation. I wonder if
>> there are plans to implement the Session Management specification
>> according to http://openid.net/specs/openid-connect-session-1_0.html
>>
>> In addition I would be interested if it is possible to revoke all tokens
>> for a specific user session programatically. This would enable a single
>> logout. My idea is to specify a new scope (similar to offline_access)
>> called online_access which specifies, that a client only can get new
>> access tokens as long as the session is alive.
>>
>> Regards,
>>
>> Christian
>> _______________________________________________
>> mitreid-connect mailing list
>> mitreid-connect at mit.edu
>> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
>>
>
> _______________________________________________
> mitreid-connect mailing list
> mitreid-connect at mit.edu
> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
More information about the mitreid-connect
mailing list