[MGNLSSO-308] Logout no longer works - Improve integration tests Created: 14/Sep/23 Updated: 29/Sep/23 Resolved: 20/Sep/23 |
|
| Status: | Closed |
| Project: | Single Sign On |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | saas, 3.1.8 |
| Type: | Bug | Priority: | Major |
| Reporter: | Mikaël Geljić | Assignee: | Evzen Fochr |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||||||||||
| Epic Link: | SSO maintenance | ||||||||||||||||||||||||
| Team: | |||||||||||||||||||||||||
| Work Started: | |||||||||||||||||||||||||
| Description |
|
Due to changes in AdmincentralServlet in Magnolia 6.2.38, logout no longer works, IdP session is never terminated. This is because the HttpSession is invalidated too eagerly, and thus kills Pac4j's session-tracking. — The issue will be resolved by Some dev notes and action should be taken in the scope of this ticket:
if (request.getSession(false) != null) { log.info("Invalidating HttpSession {}", request.getSession()); request.getSession().invalidate(); } |