Uploaded image for project: 'Single Sign On'
  1. Single Sign On
  2. MGNLSSO-308

Logout no longer works - Improve integration tests

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • saas, 3.1.8
    • None
    • None
    • None

      Due to changes in AdmincentralServlet in Magnolia 6.2.38, logout no longer works, IdP session is never terminated.

      This is because the HttpSession is invalidated too eagerly, and thus kills Pac4j's session-tracking.

      The issue will be resolved by ADMINCTR-478 and MAGNOLIA-9090.

      Some dev notes and action should be taken in the scope of this ticket:

      • Add the logout scenario on SSO integration test for both branches v3.1 and v4.0.0 
      • Consider to re-add `request.getSession().invalidate();` back to SsoLogoutFilter which is removed by this commit
      if (request.getSession(false) != null) {
        log.info("Invalidating HttpSession {}", request.getSession());
        request.getSession().invalidate();
      } 

        Acceptance criteria

              efochr Evzen Fochr
              mgeljic Mikaël Geljić
              AdminX
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved:
                Work Started:

                  Bug DoR
                  Task DoD