OpenAM cluster & OIDC endSession

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OpenAM cluster & OIDC endSession

WILBERT Romain-ext

Hello,

 

I have several OpenAM instances behind a reverse proxy and a load balancer, with replication activated.

 

Scenario:

 

·         User logs in with OIDC => let’s say on instance A

 

·         User navigate through app and then end the session (OIDC REST api call of endSession endpoint, so with no session affinity) => let’s say it is processed by instance B

 

 

Questions:

 

·         If the endSession goes to instance B, is there any unwanted side effects that could happen, like user OpenAM session is not ended ?

 

·         By the way, it seems that the OpenAM endSession endpoint is a REST api, but the OIDC draft specifies to redirect the browser to the endSession endpoint.

 

 

Thanks for any tips.

Romain

 

 

 

 


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam