Skip to content
Branch: master
Go to file
Code

Latest commit

cuonglm committed 58f39db Jul 10, 2020
…1053)

When user signin to 2 sites "a.example.com" and "b.example.com", we're
using the same session for user when accessing those sites. When user
singout from "a.example.com", that session is marked as deleted, thus
user now can not access "b.example.com" nor re-signin to get new access.
User must wait the cookie is expired, or delete the cookie manually to
re-signin to "b.example.com".

This is also affected if user signout from authenticate service
dashboard page directly.

To fix this, we will clear the session state if the session was deleted,
authorize service will return unauthorized, so the user will be
redirected to re-authenticate.

Updates #1014
Updates #858

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Jan 2, 2019

README.md

pomerium logo

pomerium chat Travis CI Go Report Card GoDoc LICENSE codecov Docker Pulls

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.

Pomerium can be used to:

  • provide a single-sign-on gateway to internal applications.
  • enforce dynamic access policy based on context, identity, and device state.
  • aggregate access logs and telemetry data.
  • a VPN alternative.

Docs

For comprehensive docs, and tutorials see our documentation.

You can’t perform that action at this time.