Ticket #883 (closed task: fixed)

Opened 12 years ago

Last modified 12 years ago

[S] [WG] Logout at remote site doesn't seem to work as expected

Reported by: lawrence Owned by: pjkersha
Priority: required Milestone: PROD Final
Component: security Version:
Keywords: Cc:

Description

If I login at BADC, then go to PML, get redirected to WAYF, accept BADC, and get a nice page saying I'm logged in with roles, things are fine (it probably should say where I'm logged in), but then when I try and logout (at PML) nothing obvious happens there ... (i.e all roles etc seem visible).

It would seem however, that I'm still logged in at badc too, but I have lost my cookie from my sandbox ... I think ...

Bottom line: this needs looking into.

Change History

comment:1 Changed 12 years ago by pjkersha

  • Status changed from new to closed
  • Resolution set to fixed

comment:2 Changed 12 years ago by pjkersha

  • Status changed from closed to reopened
  • Resolution fixed deleted

Re-opening because it looks like a redirect is needed for the logout controller. This is the scenario:

Login

  1. browse at NOCS
  2. go to WAYF and pick BADC
  3. login at BADC setting security cookie info in BADC domain
  4. redirected back to NOCS, set security cookie for NOCS domain

Logout

  1. Session Manager session is deleted and NOCS security cookie info is deleted
  2. but BADC cookie still remains

The next time you try login the system will think you're session is still active because the stale security cookie remains at BADC. Solution would be to redirect to BADC on login at logout and remove the security details from the BADC cookie.

comment:3 Changed 12 years ago by pjkersha

  • Status changed from reopened to closed
  • Resolution set to fixed

Fixed with changesets [3061] and [3062]

Note: See TracTickets for help on using tickets.