tags:

views:

51

answers:

1
+2  Q: 

Single Sign Out accross multiple domains

Hi, I know there are very similar questions and answers posted. And I have used them for reference, but I would like to throw a specific case out there. A way to implement Single Sign Out / Single Log Out across multiple domains.

From what I read it looks like the only way is using a server to server service, ie. tracking users by verifying that they have access with the SSO server, every pageload.

What I mean by Single Sign Out is that a user signed on at multiple sites can sign out by clicking a link to sign out from the current site (and not be redirected to signout pages on all other sites)

I have looked at OpenID server, but I dont believe it can be extended to support this. SimpleSAMLphp looks like a better alternative.

Discuss

+1  A: 

You should store sessions data in some shared storage like database/Memcache using session identificators like user1194_dj1kldkjawi1ljidsa (1194 - user id). So then if you need to Sign Out on all domains, you need just to delete from session storage all entries with keys like user1194_*

SeniorDev  2010-10-08 11:13:54
This is what I came up with as well, but Im wondering why none of other SSO providers employ the same feature ? Google, facebook, openid, etc. Interestingly Google use an amalgamation of redirects and images which run scripts on other domains using `src=`. Maybe that is a possible answer. I don't like not being able to remove sessions in PHP not belonging to the current user.
Yarek T  2010-10-09 00:42:01

related questions

Using Apache's mod_auth across multiple sub-domains for single sign-on?
Windows Authentication for remote reporting services
How to open a link from one web app to another already authenticated?
Know of SSO turnkey Appliance with ldap, radius, openid, etc?
what is SSO
How can I share user sessions across multiple domains using Rails?
Is OpenID a flawed concept?
Can I abandon an InProc ASP.NET session from a session different than one making the request?
Sun Access Manager
SharePoint SSO with a PHP application on a different server?
SSO between ASP.NET, ASP and PHP
URL Based Authentication Link
How do I create a network of sites that understand single sign-on?
BizTalk resolving SSO error "Unable to redeem ticket, no ticket exists in the message"
Which SSO Framework to use?
How do I get user informations from a session id in ASP.NET ?
What are some ADFS alternatives for doing single sign on for an ASP.NET app with users in active directory?
SSO in webpages
Getting windows/domain credentials in asp.net while allowing anonymous access in IIS
IIS Authentication across servers
How do I get logout to work on RubyCAS-Server?
Strategy for single sign on with legacy applications
dotNetNuke/Moodle integration
Single Sign On across multiple domains
OpenID as a Single Sign On option??