cosign-discuss at umich.edu
general discussion of cosign development and deployment
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: logout when already logged out
Yeah, I've wondered about this a few times myself and have been meaning
to talk to our usability folks about it. I'm uncomfortable with silent
failure, but in this case I think it is utterly reasonable. Anyone
have any objections to my changing the code such that logout tells the
user everything succeeded even if it didn't but logs any strange errors
for admin perusal?
The vast majority of these cases will be that the user was not logged
in. Other possible errors (permission denied by cosignd, couldn't
contact cosignd, etc.) aren't really anything the user can do anything
about. As long as the cosign cookie has been nullified & expired in
his/her browser everything will behave properly.
On Jun 28, 2004, at 9:36 AM, Phil Pishioneri wrote:
During a discussion with one of our graphic folks who is working on
our customized pages, an interesting point came up:
When one is sitting on the verify logout page, and logs out elsewhere
(either a time-out, or by manually going through logout in another
window), and then attempts to logout of the first page, you get an
error page with the message
Logout failed. Perhaps you were not logged-in?
While true at one level, is it really a problem?
If you are actually logged out (vs. some internal problem preventing
logouts), mightn't it be less confusing for the client if the code
just redirected back to the main page (as it does for a successful
... "In, as you say, the mud." ...