To implement single sign off, i would like the user to get logged out of application B additionally when ever the user clicks logout on application A. Is it possible to implement this using some form of a POST request to application B? i.e. when the user clicks on logout:
- Generate existing POST request to logout of application A
- Generate additional POST request to logout of application B as well.
How to keep link alive on mongoose web server
C++ Concurrent GET requests
When to send HTTP status code?
HTTP 400 : detected invalid characters in the URL. IIS decoding URL too early? Whats going on here?
Coding this up and deploying it would make your overall IT solution a bit brittle.
How to send an HTTP header in java
How to specify an external website for XMLHTTPRequest
Another suggestion is to take this up with your (Enterprise) architect as SSO is usually an enterprise initiative and point her to (very cogent) arguments in this post : http://lists.danga.com/pipermail/yadis/2005-July/001085.html .
Why is curl sending the command-line before the message body in an HTTP PUT?
What C++ library should I use to implement a HTTP client? [closed]
As the form can have only one action, it can only target one server-side page.. One solution is to simply have Application A forward sign-out credentials to Application B once one action is received, which allows for more opportunities to check returns.. If, however, you're set on POST'ing to different pages, see this tutorial for one iframe-related hack - http://www.codeproject.com/KB/scripting/multiact.aspx.
A Servlet that traces each POST request to validate the cookie is required for each application..