[MGNLSSO-75] Add new configuration postLogoutRedirectUri for SSO logout Created: 17/Aug/21 Updated: 04/Feb/22 Resolved: 01/Dec/21 |
|
| Status: | Closed |
| Project: | Single Sign On |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 2.0.1 |
| Type: | Bug | Priority: | Neutral |
| Reporter: | Carlos Cantalapiedra | Assignee: | Nguyen Phung Chi |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | maintenance | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | 2d | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Template: | |||||||||
| Acceptance criteria: |
Empty
|
||||||||
| Task DoD: |
[X]*
Doc/release notes changes? Comment present?
[X]*
Downstream builds green?
[X]*
Solution information and context easily available?
[X]*
Tests
[X]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||
| Documentation update required: |
Yes
|
||||||||
| Date of First Response: | |||||||||
| Sprint: | Global Maintenance 2 | ||||||||
| Story Points: | 3 | ||||||||
| Description |
Steps to reproduce
Expected resultspost_logout_redirect_uri parameter is successfully recognized by Azure as correct reply url Actual resultspost_logout_redirect_uri parameter is wrong (not the one configured as reply url but the request.getRequestURL() value) WorkaroundN/A Development notesThe value added is based on request.getRequestURL(). This is not correct in many cases. |
| Comments |
| Comment by Antony Hutchison [ 29/Sep/21 ] |
|
We faced this issue too, and applied this workaround in the Azure App Gateway to force HTTPS. (.*)post_logout_redirect_uri=http%3A(.*) to:
{http_resp_Location_1}post_logout_redirect_uri=https%3A\{http_resp_Location_2}
|
| Comment by Boris Faniuk [ 04/Feb/22 ] |
|
Hello! We've tested this new setting and discovered that postLogoutRedirectUri has to be an absolute url (not relative). Maybe you need to fix this documentation: In addition, I would propose to think about simplifying the configuration:
|
| Comment by Alex Mansell [ 04/Feb/22 ] |
|
Cheers bfaniuk – I've opened a follow-up doc ticket to update the yaml config. However, I'll have to let the devs comment on the config simplification. |