#64 Track down remaining logout issues
Closed: Fixed None Opened 6 years ago by rcritten.

During logout testing there were times where the logout would fail because the SP sent a logout request for a session that the IdP did not know about.

This was generally reproducable by doing this:

log in to SP A
hit secured page of SP B, should be logged-in automaticallyu

logout of B
A should be logged out as well

Log back into A
hit B again, logged in no auth

Log out of A
Fail

It is unclear whether this is an issue with the IdP or with mod_auth_mellon. It seemed like the SP was losing the new login session id though. When it would fail and I was attached to the SP using gdb and I watched as logout compared sessions, the session on the SP side had an identifier I'd never seen before.


Fields changed

milestone: => 1.0 m3
owner: => rcritten
status: new => assigned

Fields changed

status: assigned => accepted

Fields changed

patch_available: 0 => 1

Save existing session IDs to pass along to log out when a new session for an existing user is received:

master: c84eaa4

lasso needs to be updated to 2.4.1 in Fedora to address crash issues. It is built in koji but no package release has been done yet.

design_link: =>

lasso built for f20, f21, f22 and rawhide.

resolution: => fixed
status: accepted => closed

Fields changed

rhbz: => 0

Metadata Update from @nkinder:
- Issue assigned to rcritten
- Issue set to the milestone: 1.0 m3

4 years ago

Login to comment on this ticket.

Metadata