Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-18116

Logout hook for Shibboleth Logout handler, updated Readme, removed hardcoded strings

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Inactive
    • Affects Version/s: 1.9.5
    • Fix Version/s: DEV backlog
    • Component/s: Authentication
    • Labels:
      None
    • Affected Branches:
      MOODLE_19_STABLE

      Description

      Changes:

      • Added a new setting logout_handler to the Shibboleth authentication settings
      • Removed hard-coded strings in the configuration settings and replaced them with proper print_string expressions
      • Added a logoutpage_hook function that (optinally) sends a user who clicks on the logout button to the Shibboleth logout handler after Moodle logout
      • Updated README

      How to test:
      If the logout_handler URL is set (e.g. with the default Shibboleth logout handler /Shibboleth.sso/Logout), an (Shibboleth) authenticated Moodle user can click on the Moodle Logout link. Moodle then first deletes the user's session and then should sent the user to /Shibboleth.sso/Logout?return=$redirect where $redirect is the URL that Moodle would redirect the user. In this case, the Shibboleth Service Provider eventually will sent the user to this URL after Shibboleth logout.

      Expected result:
      The result should be that after clicking on Logout, the user should not only be logged out from Moodle but also from Shibboleth. This means, that there should not be any shib_session cookie anymore.
      If no logout_handler URL is set, there should be no change in Moodle's logout procedure.

        Gliffy Diagrams

          Activity

          Hide
          pcellis@u.washington.edu Peter Ellis added a comment -

          Setting the Shibboleth logout URL value on the Shibboleth config page appears to inadvertently unset the alternative login URL information (alternateloginurl option) in 1.9.4+ (Build: 20090218). I'm assuming it's associated with this change. If not, I'll create a new bug.

          Show
          pcellis@u.washington.edu Peter Ellis added a comment - Setting the Shibboleth logout URL value on the Shibboleth config page appears to inadvertently unset the alternative login URL information (alternateloginurl option) in 1.9.4+ (Build: 20090218). I'm assuming it's associated with this change. If not, I'll create a new bug.
          Hide
          l.haemmerle Lukas Haemmerle added a comment -

          No, the logout URL has nothing to do with this but the alternateloginurl is overwritten by older code that implements the integrated wayf feature.
          The integrated wayf overwrites the alternateloginurl to point to /auth/shibboleth/login.php which is a custom login page. The problem however is that the alternate loginurl currently is overwritten in all cases where the Shibboleth settings are saved.
          If you file a bug I could fix it by checking if the integrated wayf feature is turned off and only then clear the alternateloginurl but not if this feature already was turned off.

          Show
          l.haemmerle Lukas Haemmerle added a comment - No, the logout URL has nothing to do with this but the alternateloginurl is overwritten by older code that implements the integrated wayf feature. The integrated wayf overwrites the alternateloginurl to point to /auth/shibboleth/login.php which is a custom login page. The problem however is that the alternate loginurl currently is overwritten in all cases where the Shibboleth settings are saved. If you file a bug I could fix it by checking if the integrated wayf feature is turned off and only then clear the alternateloginurl but not if this feature already was turned off .
          Hide
          l.haemmerle Lukas Haemmerle added a comment -

          I created the bug report myself (MDL-18538) and the problem is fixed now. Thanks for reporting this

          Show
          l.haemmerle Lukas Haemmerle added a comment - I created the bug report myself ( MDL-18538 ) and the problem is fixed now. Thanks for reporting this
          Hide
          marina Marina Glancy added a comment -

          We have detected that this issue has been inactive for over two years and also did not collect many votes. It is possible that it has been already implemented in a more recent version of Moodle, or it is not highly demanded. There are unlimited number of ways Moodle functinality can be expanded and improved but we would like to concentrate on the features that will benefit majority of users, and which can not be implemented as plugins. If you have a suggestion for improving Moodle core, and there is no open issue for it in the tracker, please start a new forum discussion to see how many other users agree with you, and then create a new issue providing as many details as possible.

          ==BLK2YIMP20141121==

          Show
          marina Marina Glancy added a comment - We have detected that this issue has been inactive for over two years and also did not collect many votes. It is possible that it has been already implemented in a more recent version of Moodle, or it is not highly demanded. There are unlimited number of ways Moodle functinality can be expanded and improved but we would like to concentrate on the features that will benefit majority of users, and which can not be implemented as plugins. If you have a suggestion for improving Moodle core, and there is no open issue for it in the tracker, please start a new forum discussion to see how many other users agree with you, and then create a new issue providing as many details as possible. ==BLK2YIMP20141121==

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: