Patch submitted to reviews process https://reviews.mahara.org/#/c/7788/.
Pushing changes to Gerrit were rejected as it didn't like hash in the
description area - Bug #1693426: destroy mahara session when Single
Logout is initiated by IdP. As per documentation this is allowed but
had to take out hash and then was able to push.
remote: Resolving deltas: 100% (6/6)
remote: Processing changes: refs: 1, done
remote: ERROR: missing Change-Id in commit message footer
remote:
remote: Hint: To automatically insert Change-Id, install the hook:
remote: gitdir=$(git rev-parse --git-dir); scp -p -P 29418
username....@reviews.mahara.org:hooks/commit-msg ${gitdir}/hooks/
remote: And then amend the commit:
remote: git commit --amend
remote:
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask
on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1693426
Title:
Destroy mahara session when Single Logout is initiated by IdP
Status in Mahara:
New
Bug description:
For our Single Sign-on implementation, we encountered this bug where
Mahara session is not destroyed for another SP initiated logouts.
For example, consider a scenario where two applications Mahara (SP1)
and Moodle (SP2) are setups as service providers and connected with
IdP. When a user logs out from Moodle (SP2) it sends a logout request
to IDP and from there IDP sends a logout request to Mahara (SP2) which
supports SLO.
After receiving logout request from IDP, Mahara destroys simplesamlphp
session but not Mahara session. As a result, a user is still logged on
to Mahara even local simplesamlphp session and IdP sessions are
destroyed!
We investigated this issue and fixed it using a hack which destroys
Mahara session also. We will be submitting a patch to via Gerrit for
review. This is not a perfect solution as believing there should be
other ways to do this perfectly e.g. first destroy simplesamlphp
session, confirm that we are logged out from IdP and then destroy
Mahara session.
This doesn't happen when logout is initiated from Mahara (SP2) as it
first destroys Mahara session and thereafter simplesamlphp session.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1693426/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help : https://help.launchpad.net/ListHelp
