Add single log-out integration
Opened this issue · 9 comments
GoogleCodeExporter commented
What steps will reproduce the problem?
1. Log out on Drupal site directly
2. Go to WordPress site, which has SLO support
3. Still logged into WordPress because WordPress is on it's own installation of
SSP, not the same one as the IdP.
What is the expected output? What do you see instead?
Expected to get logged out of WP. In other words, $as->isAuthenticated() should
fail.
What version of the product are you using? On what operating system?
Latest version. Configured and working on Drupal site.
Please provide any additional information below.
Not logging into Drupal site with SSP because it *is* the IdP. But I can set up
an SP for it as long as this won't make it too hard for things to work for my
existing Drupal users.
Original issue reported on code.google.com by kevin.kaland on 15 Dec 2012 at 10:14
GoogleCodeExporter commented
Which authentication source are you using? (UserPass.php or External.php)
Which version of Drupal? (6 or 7)
Original comment by smoit...@gmail.com on 16 Dec 2012 at 12:12
GoogleCodeExporter commented
External.php, Drupal 7. Thanks for the quick reply!
(Is there an IRC channel for SSP? :))
Original comment by kevin.kaland on 16 Dec 2012 at 10:46
GoogleCodeExporter commented
I suspect the issue is with the WordPress integration. Here's what I would do
to test it:
1) Go to the SimpleSAMLphp SP installation page (the one for WordPress)
2) Under the Authentication Tab, click "Test configured authentication sources"
3) Click on the SP (default-sp?) that is connected to the the IdP that uses
drupalauth
4) When presented with the Drupal login page, login
5) Return to the Drupal site and logout of Drupal
6) Repeat steps 2 and 3, if you are presented with the Drupal login page then
drupalauth and the two instances of SimpleSAMLphp are working fine, it's the
WordPress plugin
Original comment by smoit...@gmail.com on 18 Dec 2012 at 5:22
GoogleCodeExporter commented
Oh, I have actually already done that I realized. What I am really asking
is how to make the plugin support it. What function should it call to ask
the SP to determine if we are logged in or not so that it can log the user
out on the next WP page load?
Original comment by kevin.kaland on 6 Jan 2013 at 6:42
GoogleCodeExporter commented
[deleted comment]
GoogleCodeExporter commented
I'm facing the same Issue Kevin, did you solve the problem? It's possible to
logout sp when i logout from idp?
Original comment by brun...@ciandt.com on 25 Feb 2014 at 4:53
GoogleCodeExporter commented
Same here. When logging out of the drupal site after doeing steps 1 to 5, and
wanting to do step 6, i am already logedin when pressing the SP link in step 3.
Original comment by skrzype...@gmail.com on 15 May 2014 at 12:14
GoogleCodeExporter commented
For me it is fixed. The logout link in the SimpleSAML interface was wrong it
had:
url?as=default-sp?as=default-sp&logout
instead of:
url?as=default-sp&logout
I am using nginx, and had some more issues; the following fixes it:
https://github.com/HTML24/WAYF/wiki/Frequent-Errors-List
public static function selfURLNoQuery() {
$url = self::selfURL();
$url = strtok($url, '?');
return $url;
}
More reading:
https://groups.google.com/forum/?fromgroups=#!topic/simplesamlphp/EERTQ5zvQsA
Original comment by skrzype...@gmail.com on 15 May 2014 at 1:30
GoogleCodeExporter commented
But doesn't SAML support logging out of SP users when IdP is logged out? It
cannot be so that the SP application has to check the IdP on every page load if
the user is logged in or not in IdP, major performance issues with that.
Also logging out in one SP should trigger logout on all other SPs which the IdP
is aware of. Does this module support that? Or should the toolkit take care of
it when it receives a logout request from any SP application?
Original comment by joonas.m...@wunderkraut.com on 8 Aug 2014 at 7:57