cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "gonzalad (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FEDIZ-212) Multiple OIDC logout return to login page
Date Fri, 03 Nov 2017 23:47:00 GMT

    [ https://issues.apache.org/jira/browse/FEDIZ-212?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16238595#comment-16238595
] 

gonzalad commented on FEDIZ-212:
--------------------------------

Hi Sergey, I just added an allowAnonymousLogout restoring the old behaviour by default (logout
from an unauthenticated user just throws a OAuthException).

> Multiple OIDC logout return to login page
> -----------------------------------------
>
>                 Key: FEDIZ-212
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-212
>             Project: CXF-Fediz
>          Issue Type: Bug
>    Affects Versions: 1.4.2
>            Reporter: gonzalad
>            Priority: Major
>             Fix For: 1.4.3
>
>
> I'm using Fediz SSO global logout.
> Scenario :
>  * start a clean incognito session
>  * user logs to OIDC Client 1
>  * user logs to OIDC Client 2 (in another tab, same browser window)
>  * user logs out OIDC Client 1
>  * now user switched tab to OIDC Client 2
>  * user logs out from OIDC Client 2
> On the last logout, the user is automatically rerouted to IDP login UI.
> Looking at network view of Chrome dev toolbar, we see when the user is redirected back
from IDP to OIDC (/oidc/login), that the OIDC redirects back to logout : /oidc/idp/logout.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message