{"id":8944,"date":"2021-05-17T13:00:26","date_gmt":"2021-05-17T11:00:26","guid":{"rendered":"https:\/\/blog.rwth-aachen.de\/itc\/?p=8944"},"modified":"2024-07-25T09:11:24","modified_gmt":"2024-07-25T07:11:24","slug":"logout-rwth-single-sign-on","status":"publish","type":"post","link":"https:\/\/blog.rwth-aachen.de\/itc\/en\/2021\/05\/17\/logout-rwth-single-sign-on\/","title":{"rendered":"Safety First &#8211; Secure logout with RWTH Single Sign-On"},"content":{"rendered":"<div class=\"twoclick_social_bookmarks_post_8944 social_share_privacy clearfix 1.6.4 locale-en_US sprite-en_US\"><\/div><div class=\"twoclick-js\"><script type=\"text\/javascript\">\/* <![CDATA[ *\/\njQuery(document).ready(function($){if($('.twoclick_social_bookmarks_post_8944')){$('.twoclick_social_bookmarks_post_8944').socialSharePrivacy({\"txt_help\":\"Wenn Sie diese Felder durch einen Klick aktivieren, werden Informationen an Facebook, Twitter, Flattr, Xing, t3n, LinkedIn, Pinterest oder Google eventuell ins Ausland \\u00fcbertragen und unter Umst\\u00e4nden auch dort gespeichert. N\\u00e4heres erfahren Sie durch einen Klick auf das <em>i<\\\/em>.\",\"settings_perma\":\"Dauerhaft aktivieren und Daten\\u00fcber-tragung zustimmen:\",\"info_link\":\"http:\\\/\\\/www.heise.de\\\/ct\\\/artikel\\\/2-Klicks-fuer-mehr-Datenschutz-1333879.html\",\"uri\":\"https:\\\/\\\/blog.rwth-aachen.de\\\/itc\\\/en\\\/2021\\\/05\\\/17\\\/logout-rwth-single-sign-on\\\/\",\"post_id\":8944,\"post_title_referrer_track\":\"Safety+First+%26%238211%3B+Secure+logout+with+RWTH+Single+Sign-On\",\"display_infobox\":\"on\"});}});\n\/* ]]> *\/<\/script><\/div><p><div id=\"attachment_8947\" style=\"width: 310px\" class=\"wp-caption alignright\"><a href=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-8947\" class=\"wp-image-8947 size-medium\" src=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_-300x239.png\" alt=\"The login mask of the RWTH Single Sign-On.\" width=\"300\" height=\"239\" srcset=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_-300x239.png 300w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_-1024x815.png 1024w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_-768x611.png 768w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-1_RWTH-Single-Sign-On_Anmeldemaske-ENG_.png 1071w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-8947\" class=\"wp-caption-text\">Source: Own illustration<\/p><\/div><\/p>\n<p>Everyone who studies or works at <a href=\"https:\/\/www.rwth-aachen.de\/cms\/~a\/root\/?lidx=1\">RWTH<\/a> knows it: the <a href=\"https:\/\/help.itc.rwth-aachen.de\/en\/service\/rhb2fhkpjhb7\/article\/2cf300c672914715a0670959f4c5d286\">RWTH Single Sign-On<\/a>.<\/p>\n<p>This is not a dating service, but an application with which you can log in to almost all RWTH services. What is particularly charming is that you do not have to remember an infinite number of access data, but only one user name and the corresponding password.<\/p>\n<p>In addition, RWTH Single Sign-On recognizes if you are already logged in to a service, for example <a href=\"https:\/\/online.rwth-aachen.de\/RWTHonline\/ee\/ui\/ca2\/app\/desktop\/#\/login?$ctx=lang=en\">RWTHonline<\/a>. If you then log in to <a href=\"https:\/\/moodle.rwth-aachen.de\/?lang=en\">RWTHmoodle<\/a>, RWTH Single Sign-On waves the user through directly using the underlying &#8220;Shibboleth&#8221; application.<\/p>\n<p><!--more--><\/p>\n<h2><strong>Cookies, Cookies, Cookies<\/strong><\/h2>\n<p>But this is also where the potential security risk lies: Shibboleth stores encrypted application-relevant information about who the user is and what authorizations they have. This information is stored in cookies.<\/p>\n<p>Anyone who has access to your web browser can use all applications protected via Shibboleth as long as the session information from Shibboleth is stored in the browser.<\/p>\n<p>To make sure that nobody can access your browser unhindered with your data in the RWTH systems, the following points have to be considered:<\/p>\n<ul>\n<li>When you close your browser after your work is done, delete the cookies, at least those from sso.rwth-aachen.de and idm.rwth-aachen.de.<\/li>\n<li>Use the safe mode &#8211; also called private or incognito mode &#8211; of your browser! This will automatically delete all cookies of the session when you close the browser. It also prevents the recovery of the last session.<\/li>\n<li>Attention: the setting &#8220;restore session&#8221; should be turned off in your browser! Otherwise, even the safe mode of your browser will not work properly.<\/li>\n<\/ul>\n<h2><strong>Further Information<\/strong><\/h2>\n<p>Further information and instructions on how to securely log out of RWTH Single Sign-On will be displayed each time you click on &#8220;Log out&#8221; in Selfservice:<\/p>\n<div id=\"attachment_8948\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-8948\" class=\"wp-image-8948 size-large\" src=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN-1024x629.png\" alt=\"The instructions for secure logout from the RWTH Single Sign-On.\" width=\"1024\" height=\"629\" srcset=\"https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN-1024x629.png 1024w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN-300x184.png 300w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN-768x472.png 768w, https:\/\/blog.rwth-aachen.de\/itc\/files\/2021\/05\/Bild-2_Abmelden-im-Selfservice-SSO_EN.png 1287w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><p id=\"caption-attachment-8948\" class=\"wp-caption-text\">Source: Own illustration<\/p><\/div>\n<p>You need information about deleting cookies for your browser? No problem! Under the following links you will find the corresponding information pages of the manufacturer:<\/p>\n<ul>\n<li><a href=\"https:\/\/support.google.com\/accounts\/answer\/32050?co=GENIE.Platform%3DDesktop&amp;hl=en\">Google Chrome<\/a><\/li>\n<li><a href=\"https:\/\/support.mozilla.org\/en-US\/kb\/clear-cookies-and-site-data-firefox\">Mozilla Firefox<\/a><\/li>\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/microsoft-edge\/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09\">Microsoft Edge<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Responsible for the content of this article are <a href=\"https:\/\/www.itc.rwth-aachen.de\/cms\/IT-Center\/IT-Center\/Team\/~epvp\/Mitarbeiter-CAMPUS-\/?gguid=0x83314372217C974CB45BAEF4BA9620AD&amp;allou=1&amp;lidx=1\">Bean Beitz<\/a>,<a href=\"https:\/\/www.itc.rwth-aachen.de\/cms\/IT-Center\/IT-Center\/Team\/~epvp\/Mitarbeiter-CAMPUS-\/?gguid=0x0EC9C01F8EFF104B810E20F8F5820CD8&amp;allou=1&amp;lidx=1\"> Linda J\u00f6rres<\/a> and <a href=\"https:\/\/www.itc.rwth-aachen.de\/cms\/IT-Center\/IT-Center\/Team\/~epvp\/Mitarbeiter-CAMPUS-\/?gguid=0xA54936838B734444B130F51A7DE93286&amp;allou=1&amp;lidx=1\">Thorsten Kurth<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Sorry, this entry is only available in Deutsch.<\/p>\n","protected":false},"author":2051,"featured_media":8945,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"c2c_always_allow_admin_comments":false,"footnotes":""},"categories":[314,315,310],"tags":[61],"class_list":["post-8944","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-sicherheit","category-services-support","category-studium-lehre","tag-it-sicherheit"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/8944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/users\/2051"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/comments?post=8944"}],"version-history":[{"count":4,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/8944\/revisions"}],"predecessor-version":[{"id":19946,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/posts\/8944\/revisions\/19946"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/media\/8945"}],"wp:attachment":[{"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/media?parent=8944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/categories?post=8944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.rwth-aachen.de\/itc\/en\/wp-json\/wp\/v2\/tags?post=8944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}