5 Replies Latest reply on Nov 30, 2010 5:55 PM by Jean Luc

    Can PicketLink check if the IDP has invalidated the session (aka "kick a user"?)

    Jean Luc Apprentice

      Hi (Marcel, most likely you will answer first),

       

      Is there a way for PicketLink to check periodically if the session is still valid in the SSO server or, even better, for the IDP (OpenSSO in our case) to send a message to the SP to invalidate a session? We would like to implement a mechanism to forcefully log out a user if need be, but still maintain a sensible session timeout for users (i.e., setting it at 5 minutes would be a major inconvenience).

       

      Thanks,

      -JL