|
|
|
In Use Case 5, an employee of smcompany.com authenticates at an employee portal, www.smcompany.com, and selects a link to view the health benefits at www.ahealthco.com. The employee is taken to ahealthco.com website and presented with the health benefit information without logging in to ahealthco.com website.
When the employee logs out from ahealthco.com, ahealthco.com wants to verify that the user session at ahealthco.com and at smcompany.com are terminated. Terminating both sessions assures that an unauthorized employee cannot use the existing sessions to access resources at smcompany.com or to view benefits of the authorized employee.
Note: The initial logout could occur at smcompany.com and result in both sessions being terminated.
The following illustration shows the use case.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |