https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=19160 Bug ID: 19160 Summary: CAS Single Log Out Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: katrin.fischer@bsz-bw.de QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org CAS allows not only Single Sign On, but also Single Log out. Specification: https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#... 2.3.3 Single Logout The CAS Server MAY support Single Logout (SLO). SLO means that the user gets logged out not only from the CAS Server, but also from all visited CAS client applications. If SLO is supported by the CAS Server, the CAS Server MUST send a HTTP POST request containing a logout XML document (see Appendix C) to all service URLs provided to CAS during this CAS session whenever a Ticket Granting Ticket is explicitly expired by the user (e.g. during logout). CAS Clients that do not support the SLO POST requests MUST ignore these requests. SLO requests MAY also be initiated by the CAS Server upon TGT idle timeout. Koha currently doesn't support this, but it should in order to improves patron privacy and data security. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.