CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cosign @ uMich and logging out

We use the example perl logout script that comes with the cosign src distribution. We install it locally on each protected service in /cgi-bin/logout (wish I'd chosen another URI, but it works). This script:

1. expires the service cookie
1a. can be modified to do whatever other clean-up you like (freeing DB sessions, for example).
2. redirects the user to our central logout cgi (the one written in C) and that prompts the user to logout.

We link to /cgi-bin/logout from all of our applications with a visible "logout" link and encourage other application providers to do the same. We have not published a central "logout" url, but visiting ""; when already authenticated displays a list of protected services and a link to the central logout CGI.


On Feb 28, 2005, at 10:43 PM, Brett Lomas wrote:

Hi Kevin, and others

just a quick question I have about how you guys have deployed CoSign.
How have you handled logouts from applications? The reason I ask is we
are in the process of converting our top applications to use CoSign and
are wrestling with the logout idea and are wondering if we should remove
any idea of logging out of the application etc. Also, how do you get
students to logout of CoSign in general? do you publish the URL and they
have to go there manually?

Thanks heaps.



... "I love being weird, or at least, I've made my peace with it." ...

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010