[Koha-bugs] [Bug 18549] There should be a warning that logging out of Koha will leave browser session logged in to OAuth
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue May 9 11:20:05 CEST 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18549
--- Comment #6 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
I think this bug is somewhat misleading to the user, unfortunately.
Here's some questions that only the most technically aware will think to ask at
this point.
1) If I login to app A (also a google openid connect consumer), then login to
koha, then logout of app A will I be logged out of Koha too? - Current answer -
No
2) If I loging to google, then login to Koha, then logout of Google will I also
be logged out of Koha - Current answer - No
3) I've logged into Koha, then logged into App A, I then logout of Koha using
the 'Logout of Koha and Google' option.. can I assume I'm also logged out of
App A - Current Answer - No (and we can never ensure that either, as App A
needs to support SLO too)
I think the current (as in, in master) implementation is more 'the norm' and
that adding this patch actually obfuscates that clarity a bit more.. By
allowing a 'logout of google too' option, you're inferring that a google logout
affects koha in some way, when in fact it does not.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list