Page MenuHomePhabricator

Validate Single Logout Flow
Open, MediumPublic

Description

The CAS protocol supports Single Logout with a separate /logout endpoint. This requires some support on the application to effectively end the session.

We could probably set up daily regression tests which log in and log out into registered services (to e.g. prevent that e.g. the logout functionality breaks when we upgrade to let's day a new version of an application).

https://apereo.github.io/cas/5.1.x/installation/Logout-Single-Signout.html

Related Objects

StatusSubtypeAssignedTask
OpenNone
OpenNone

Event Timeline

herron triaged this task as Medium priority.Sep 26 2019, 5:17 PM
chasemp moved this task from Incoming to Watching on the Security-Team board.