nfantone commented on issue #455: GUACAMOLE-361: CAS global logout URL: https://github.com/apache/guacamole-client/pull/455#issuecomment-565540855 Hi, @necouchman. I've trying to put together a new PR for this, as @siacali commented above. I've hit some walls that I think you should be able to help take down, however. 1) It's not entirely clear to me how backend user configured values (present in `guacamole.properties`, for instance) are made available to the JS/Angular world. How do these `Field` classes behave exactly? In particular, I'm interested in mimicking the way the `authorizationURI` is passed down as a `$scope.field` value for the logout URL. What's the recommended way to go about this? 2) Without #346, AFAIK, there's no current way to signal to extensions that a Guacamole logout has been successful. The CAS extension would need this for that very same purpose, before redirecting users to its own `/logout`. 3) At present, when a user manually logs out, it [triggers a full view reload](https://github.com/apache/guacamole-client/blob/master/guacamole/src/main/webapp/app/navigation/directives/guacUserMenu.js#L148). That creates a problem when listening on broadcasted events (such as `guacLogout`) from different Angular modules, resulting in hard to track race conditions. The CAS logout flow could do without that kind of reloading: the user would need to head straight to `/logout` directly, instead. 4) The `.reload()` call mentioned above keeps query string parameters in the URL. For the CAS integration, those parameters include `ticket`, which holds a reference to a CAS session. After Guacamole deletes its own token, the reloading triggers an authentication loop where the user gets redirected to CAS -where the session is still valid- and immediately sent back to Guacamole. But since, the Guacamole session was invalidated, users can't continue using the application. Could you, please, help me elucidate or shed some light on these points? Thank you very much.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
