From: Chris H. <ch...@d6...> - 2012-02-01 20:57:40
|
I'm having weirdness with the centralized logout feature of cosign, and before I try debugging the various pieces, I figured I'd ask if it was actually normal. If I'm logged into a cosign protected page, and then I click a link to go to the logout page, then logout, I can hit the back button to go back to the original protected page. At first I thought this was just the browser cache, but I can actually click links on that page and go to other cosign protected pages that aren't in my cache. Looking at the headers a bit I notice the logout clears the "cosign" cookie, but the "cosign-blah" cookie isn't cleared. I haven't thoroughly tested this, but it seems like if I go back and hit refresh a while later, then it redirects to the login page like I'd expect. Do I have something misconfigured? Is there some delay? Do I need to debug this at a lower level? Thanks, Chris |