Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-18116

Logout hook for Shibboleth Logout handler, updated Readme, removed hardcoded strings

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Inactive
    • Affects Version/s: 1.9.5
    • Fix Version/s: None
    • Component/s: Authentication
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE

      Description

      Changes:

      • Added a new setting logout_handler to the Shibboleth authentication settings
      • Removed hard-coded strings in the configuration settings and replaced them with proper print_string expressions
      • Added a logoutpage_hook function that (optinally) sends a user who clicks on the logout button to the Shibboleth logout handler after Moodle logout
      • Updated README

      How to test:
      If the logout_handler URL is set (e.g. with the default Shibboleth logout handler /Shibboleth.sso/Logout), an (Shibboleth) authenticated Moodle user can click on the Moodle Logout link. Moodle then first deletes the user's session and then should sent the user to /Shibboleth.sso/Logout?return=$redirect where $redirect is the URL that Moodle would redirect the user. In this case, the Shibboleth Service Provider eventually will sent the user to this URL after Shibboleth logout.

      Expected result:
      The result should be that after clicking on Logout, the user should not only be logged out from Moodle but also from Shibboleth. This means, that there should not be any shib_session cookie anymore.
      If no logout_handler URL is set, there should be no change in Moodle's logout procedure.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: