Moodle
  1. Moodle
  2. MDL-18116

Logout hook for Shibboleth Logout handler, updated Readme, removed hardcoded strings

    Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.9.5
    • Fix Version/s: DEV backlog
    • Component/s: Authentication
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE
    • Rank:
      4990

      Description

      Changes:

      • Added a new setting logout_handler to the Shibboleth authentication settings
      • Removed hard-coded strings in the configuration settings and replaced them with proper print_string expressions
      • Added a logoutpage_hook function that (optinally) sends a user who clicks on the logout button to the Shibboleth logout handler after Moodle logout
      • Updated README

      How to test:
      If the logout_handler URL is set (e.g. with the default Shibboleth logout handler /Shibboleth.sso/Logout), an (Shibboleth) authenticated Moodle user can click on the Moodle Logout link. Moodle then first deletes the user's session and then should sent the user to /Shibboleth.sso/Logout?return=$redirect where $redirect is the URL that Moodle would redirect the user. In this case, the Shibboleth Service Provider eventually will sent the user to this URL after Shibboleth logout.

      Expected result:
      The result should be that after clicking on Logout, the user should not only be logged out from Moodle but also from Shibboleth. This means, that there should not be any shib_session cookie anymore.
      If no logout_handler URL is set, there should be no change in Moodle's logout procedure.

        Activity

        Hide
        Peter Ellis added a comment -

        Setting the Shibboleth logout URL value on the Shibboleth config page appears to inadvertently unset the alternative login URL information (alternateloginurl option) in 1.9.4+ (Build: 20090218). I'm assuming it's associated with this change. If not, I'll create a new bug.

        Show
        Peter Ellis added a comment - Setting the Shibboleth logout URL value on the Shibboleth config page appears to inadvertently unset the alternative login URL information (alternateloginurl option) in 1.9.4+ (Build: 20090218). I'm assuming it's associated with this change. If not, I'll create a new bug.
        Hide
        Lukas Haemmerle added a comment -

        No, the logout URL has nothing to do with this but the alternateloginurl is overwritten by older code that implements the integrated wayf feature.
        The integrated wayf overwrites the alternateloginurl to point to /auth/shibboleth/login.php which is a custom login page. The problem however is that the alternate loginurl currently is overwritten in all cases where the Shibboleth settings are saved.
        If you file a bug I could fix it by checking if the integrated wayf feature is turned off and only then clear the alternateloginurl but not if this feature already was turned off.

        Show
        Lukas Haemmerle added a comment - No, the logout URL has nothing to do with this but the alternateloginurl is overwritten by older code that implements the integrated wayf feature. The integrated wayf overwrites the alternateloginurl to point to /auth/shibboleth/login.php which is a custom login page. The problem however is that the alternate loginurl currently is overwritten in all cases where the Shibboleth settings are saved. If you file a bug I could fix it by checking if the integrated wayf feature is turned off and only then clear the alternateloginurl but not if this feature already was turned off .
        Hide
        Lukas Haemmerle added a comment -

        I created the bug report myself (MDL-18538) and the problem is fixed now. Thanks for reporting this

        Show
        Lukas Haemmerle added a comment - I created the bug report myself ( MDL-18538 ) and the problem is fixed now. Thanks for reporting this

          People

          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated: