You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Michael Miklis (Jira)" <ji...@apache.org> on 2021/01/18 11:43:00 UTC
[jira] [Commented] (GUACAMOLE-1266) SAML Authentication - Logoff
not working
[ https://issues.apache.org/jira/browse/GUACAMOLE-1266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17267190#comment-17267190 ]
Michael Miklis commented on GUACAMOLE-1266:
-------------------------------------------
Same problem like openid. A very similar approach in SAML
> SAML Authentication - Logoff not working
> ----------------------------------------
>
> Key: GUACAMOLE-1266
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1266
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole
> Affects Versions: 1.3.0
> Reporter: Michael Miklis
> Priority: Major
>
> The SAML Authentication Extension does not seem to have a logout function built in. This will result in a loop. Steps to reproduce:
> * connect to guacamole ULR
> * Automatic redirect to IDP Signin Page happens
> * login via SAML IDP to Guacamole
> * Click Logoff in Guacamole
> * Redirect to Guacamole Start-Page happens
> * Redirect to IDP Signin Page
> * User gets signed in automatically as the session on the IDP is still existing
>
> The correct behaviour must be:
> * connect to guacamole ULR
> * Automatic redirect to IDP Signin Page happens
> * login via SAML IDP to Guacamole
> * Click Logoff in Guacamole
> * *Redirecting to configured IDP Logoff URL*
> * *IDP destroys session and redirects to Guacamole start page*
> * Redirect to IDP Signin Page
> * User gets signed in automatically as the session on the IDP is still existing
--
This message was sent by Atlassian Jira
(v8.3.4#803005)