OpenID.您如何登出 [英] OpenID. How do you logout

问题描述

在一个网站上，我已经使用OpenID(基于StackOverflow)实现了登录.

On a website I have implemented the login using OpenID (based on StackOverflow).

但是我似乎无法注销.
在我的主机上，我可以注销，但是当用户尝试再次登录(尤其是使用google)时，身份验证将通过，而无需用户键入名称和密码.

But I can't seem to logout.
On my host I can logout but when the user tries to login again (especially with google) the authentication goes through without requiring the user to type in name and password.

如何向OpenID提供程序指示用户不再登录该网站?

How can I indicate to the OpenID Provider that a user is no longer logged into the site?

推荐答案

OpenID将用户身份验证到您的站点，然后在您的站点上启动会话.您会从用户与其OpenID提供者的会话中单独破坏或使站点的会话无效.

OpenID authenticates users to your site, when then starts a session on your site. You destroy or invalidate your site's session separately from the user's session with their OpenID provider.

用户访问joewidgets.com>用户使用OpenID登录(使用新的或现有的提供者会话)> ...用户单击注销> joewidgets.com破坏/使会话无效.

User visits joewidgets.com > User logs in with OpenID (with a new or existing provider session) > ... User clicks logout > joewidgets.com destroys/invalidates the session.

如果用户让其OpenID提供程序保持登录状态，您的系统会自动进行检查，则它将创建一个新的本地会话.不幸的是，您不必/不必担心用户在他们的提供程序上做或不做的事情，这是OpenID的优点/缺点.

If the user has their OpenID provider keep them logged in, and your system automatically checks, then it will create a new local session. (Un)fortunately, you don't/can't worry about what the user does or does not do at their provider, which is a pro/con of OpenID.

在社交口红处有一个参数，要求单一退出"，但 OpenID当前不提供此功能.

There is an argument at Social Lipstick which calls for "Single Sign-Out", but OpenID does not currently provide this function.

这篇关于OpenID.您如何登出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！