...
If you choose to use a SAML2 service provider (SP) such as the Shibboleth Native SP or SimpleSAMLPhP for authentication you may find the COmanage Registry Shibboleth Embedded Discovery Service Plugin useful.
Integrate Web Server Logout
COmanage Registry uses a standard PHP session to track requests per user. Clicking the "Logout" button ends the PHP session but does not end any other session such as a session created during authentication. A common deployment pattern is to use a SAML service provider (SP) like the Shibboleth Native SP for Apache. To have the Shibboleth SP session terminated when the user clicks "Logout" you may wish to add to your Apache configuration something like
Code Block |
---|
Redirect /registry/users/logout https://<your host>/Shibboleth.sso/Logout?return=https%3A//<your host>/registry/ |