During logout testing there were times where the logout would fail because the SP sent a logout request for a session that the IdP did not know about.
This was generally reproducable by doing this:
log in to SP A hit secured page of SP B, should be logged-in automaticallyu
logout of B A should be logged out as well
Log back into A hit B again, logged in no auth
Log out of A Fail
It is unclear whether this is an issue with the IdP or with mod_auth_mellon. It seemed like the SP was losing the new login session id though. When it would fail and I was attached to the SP using gdb and I watched as logout compared sessions, the session on the SP side had an identifier I'd never seen before.
Fields changed
milestone: => 1.0 m3 owner: => rcritten status: new => assigned
status: assigned => accepted
patch_available: 0 => 1
Save existing session IDs to pass along to log out when a new session for an existing user is received:
master: c84eaa4
lasso needs to be updated to 2.4.1 in Fedora to address crash issues. It is built in koji but no package release has been done yet.
design_link: =>
lasso built for f20, f21, f22 and rawhide.
resolution: => fixed status: accepted => closed
rhbz: => 0
Metadata Update from @nkinder: - Issue assigned to rcritten - Issue set to the milestone: 1.0 m3
Log in to comment on this ticket.