The server should provide a URL to invalidate the current session, for example /ipa/logout. This would be needed to implement a logout button/link in the UI.
The session_logout() RPC command was added in:
[PATCH 62] Tweak the session auth to reflect developer consensus.
It takes no parameters and returns no results. Failures are signalled by the normal error mechanism.
Note, if the session is close to expiring when the command is issued it's possible it will fail with a 403 Need Authentication error, the UI should trap this error and ignore it for this one command.
master: 9753fd4
ipa-2-2: 49289bc
Metadata Update from @edewata: - Issue assigned to jdennis - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/02
Login to comment on this ticket.