-
Bug
-
Resolution: Fixed
-
Minor
-
3.3.2, 3.4.3, 3.5, 3.6
-
MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
-
MOODLE_34_STABLE, MOODLE_35_STABLE
-
MDL-61351_master -
the file in question is auth/shibboleth/logout.php
within that file there is a function called LogoutNotification in which the problem lies.
to determine the type of session the $CFG->dbsessions variable is consulted and if false, a file based session is assumed. further, the path to the session directory is a hardcoded path off of $CFG->dataroot, which is not always the case. in my instance, the variable $CFG->dbsesssions returns 1 but the system runs just fine off of file based sessions. this variable is not set by me in my config.php
this bug can be duplicated by setting up file based sessions with shibboleth authentication. in my particular setup, the shibboleth config variable logout_return_url is also set.
then, when logging out, there will be exceptions thrown like this:
Default exception handler:
|
Error reading from database Debug: Table 'moodle2_dev.mdl_sessions2' doesn't exist
|
SELECT sesskey, sessdata FROM mdl_sessions2 WHERE expiry > NOW()
|
[array (
|
)]
|
Error code: dmlreadexception
|
* line 486 of /lib/dml/moodle_database.php: dml_read_exception thrown
|
* line 1198 of /lib/dml/mysqli_native_moodle_database.php: call to moodle_database->query_end()
|
* line 176 of /auth/shibboleth/logout.php: call to mysqli_native_moodle_database->get_records_sql()
|
* line ? of unknownfile: call to LogoutNotification()
|
* line 43 of /auth/shibboleth/logout.php: call to SoapServer->handle()
|
and the progress to the logout_return_url is interrupted by the exception thrown when looking for database sessions that do not exist.
that is what happens. in the browser, it seems that the logout only half completes.
what i want to happen is for the moodle session to be removed and to continue on to the logout_return_url.
will try to attach a patch that fixes this issue with this bug.
- is blocked by
-
MDL-62753 Fix Shibboleth back-channel logout for DB sessions
- Closed
- Testing discovered
-
MDL-61527 $CFG->dbsessions can get stuck "on"
- Closed
-
MDL-62753 Fix Shibboleth back-channel logout for DB sessions
- Closed
- will help resolve
-
MDL-34482 shibboleth logout handler is broken in several ways
- Closed