Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-26257

Shibboleth plugin overrides logout redirect url even user did not log in through Shibboleth

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.13, 2.0.4, 2.1.1, 2.2
    • Fix Version/s: 1.9.14, 2.0.5, 2.1.2
    • Component/s: Authentication
    • Labels:
      None
    • Testing Instructions:
      Hide

      This requires a Moodle installation with Shibboleth authentication set up, and Shibboleth log out page handler configured.

      • Create two user accounts, "A" and "B".
      • Set authentication to Manual for "A", to Shibboleth for "B".
      • Log in as "A" and log out again.

      VERIFY: Shibboleth log out page is not shown.

      • Log in as "B" and log out again.

      VERIFY: Shibboleth log out page is being shown.

      Show
      This requires a Moodle installation with Shibboleth authentication set up, and Shibboleth log out page handler configured. Create two user accounts, "A" and "B". Set authentication to Manual for "A", to Shibboleth for "B". Log in as "A" and log out again. VERIFY: Shibboleth log out page is not shown. Log in as "B" and log out again. VERIFY: Shibboleth log out page is being shown.
    • Difficulty:
      Easy
    • Affected Branches:
      MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • Fixed Branches:
      MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE
    • Pull from Repository:
    • Pull Master Branch:

      Description

      When I have both manual accounts and Shibboleth authentication enabled, if I log in through a manual account in Moodle and then log out, I got redirected to the Shibboleth logout page. I only want to be redirected to this url when I logged in through Shibboleth, which will completely log me out of my idp. But if I log in from a manual account, I want to be redirected to the default logout page when logout.

      I guess one way to fix this is to change logoutpage_hook() in "auth/shibboleth/auth.php" to check for $USER->auth. Only override the global variable $redirect when $USER->auth == "shibboleth".

      Hope this will make it to the core soon. Thanks!

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  7 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    10/Oct/11