Files: conf/authn/authn.properties, conf/access-control.xml
Format: Native Spring
| Table of Contents |
|---|
| Note |
|---|
This feature requires V4.3+ of the IdP software. |
Overview
The administrative logout feature is a way to address the need to disrupt existing sessions with the IdP in the event of account compromise. The actual implementation of this feature is not based on logout or disrupting sessions, but as “revocation”. This is primarily due to the fact that the default IdP configuration (and most deployments) use client-side storage for sessions, so the IdP cannot actually know what sessions may exist and can’t “delete” them out of band.
...