Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-26257

Shibboleth plugin overrides logout redirect url even user did not log in through Shibboleth

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.9.13, 2.0.4, 2.1.1, 2.2
    • 1.9.14, 2.0.5, 2.1.2
    • Authentication
    • None
    • MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE, MOODLE_22_STABLE
    • MOODLE_19_STABLE, MOODLE_20_STABLE, MOODLE_21_STABLE
    • Easy
    • Hide

      This requires a Moodle installation with Shibboleth authentication set up, and Shibboleth log out page handler configured.

      • Create two user accounts, "A" and "B".
      • Set authentication to Manual for "A", to Shibboleth for "B".
      • Log in as "A" and log out again.

      VERIFY: Shibboleth log out page is not shown.

      • Log in as "B" and log out again.

      VERIFY: Shibboleth log out page is being shown.

      Show
      This requires a Moodle installation with Shibboleth authentication set up, and Shibboleth log out page handler configured. Create two user accounts, "A" and "B". Set authentication to Manual for "A", to Shibboleth for "B". Log in as "A" and log out again. VERIFY: Shibboleth log out page is not shown. Log in as "B" and log out again. VERIFY: Shibboleth log out page is being shown.

    Description

      When I have both manual accounts and Shibboleth authentication enabled, if I log in through a manual account in Moodle and then log out, I got redirected to the Shibboleth logout page. I only want to be redirected to this url when I logged in through Shibboleth, which will completely log me out of my idp. But if I log in from a manual account, I want to be redirected to the default logout page when logout.

      I guess one way to fix this is to change logoutpage_hook() in "auth/shibboleth/auth.php" to check for $USER->auth. Only override the global variable $redirect when $USER->auth == "shibboleth".

      Hope this will make it to the core soon. Thanks!

      Attachments

        Issue Links

          has been marked as being related by

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-29386 Can't login via Shibboleth while $CFG->authpreventaccountcreation is on

          • Critical - Crashes server, loss of data, severe memory leak
          • Closed

          Bug - A problem which impairs or prevents Moodle from functioning correctly. MDL-29385 Notices within the Shibboleth plugin

          • Minor - Minor loss of function where workaround is possible
          • Closed

          Activity

            People

              bostelm Henning Bostelmann
              carsontam Carson Tam
              Sam Hemelryk Sam Hemelryk
              Aparup Banerjee Aparup Banerjee
              Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Sujith Haridasan
              Votes:
              7 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                10/Oct/11