Uploaded image for project: 'Single Sign On'
  1. Single Sign On
  2. MGNLSSO-308

Logout no longer works - Improve integration tests

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • saas, 3.1.8
    • None
    • None
    • None

    Description

      Due to changes in AdmincentralServlet in Magnolia 6.2.38, logout no longer works, IdP session is never terminated.

      This is because the HttpSession is invalidated too eagerly, and thus kills Pac4j's session-tracking.

      The issue will be resolved by ADMINCTR-478 and MAGNOLIA-9090.

      Some dev notes and action should be taken in the scope of this ticket:

      • Add the logout scenario on SSO integration test for both branches v3.1 and v4.0.0 
      • Consider to re-add `request.getSession().invalidate();` back to SsoLogoutFilter which is removed by this commit
      if (request.getSession(false) != null) {
        log.info("Invalidating HttpSession {}", request.getSession());
        request.getSession().invalidate();
      } 

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                efochr Evzen Fochr
                mgeljic Mikaël Geljić
                AdminX
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:
                  Work Started:

                  Checklists

                    Bug DoR
                    Task DoD