SAML: now delete session when logout request for authenticated user is correct

Thomas CHEMINEAU 2010-04-20 15:49:48 +00:00
parent 6bfdad2d0b
commit 0eba588385


@ -641,6 +641,8 @@ sub issuerForAuthUser {
if ($request) { if ($request) {
my $logout_error = 0;
# Load Session and Identity if they exist # Load Session and Identity if they exist
my $session = $self->{sessionInfo}->{_lassoSessionDump}; my $session = $self->{sessionInfo}->{_lassoSessionDump};
my $identity = $self->{sessionInfo}->{_lassoIdentityDump}; my $identity = $self->{sessionInfo}->{_lassoIdentityDump};
@ -671,8 +673,6 @@ sub issuerForAuthUser {
# Get EntityID # Get EntityID
my $entityID = $logout->request->Issuer->content; my $entityID = $logout->request->Issuer->content;
my $name_id = $logout->request()->NameID;
my $user = $name_id->content;
$self->lmLog( "Request issued from $entityID", 'debug' ); $self->lmLog( "Request issued from $entityID", 'debug' );
@ -687,6 +687,9 @@ sub issuerForAuthUser {
$id; $id;
} @entitiesID; } @entitiesID;
# Get current user identifier
my $user = $self->{sessionInfo}->{_user};
# Get corresponding session # Get corresponding session
my $local_sessions = my $local_sessions =
$self->{samlStorage} $self->{samlStorage}
@ -695,7 +698,6 @@ sub issuerForAuthUser {
if ( my @local_sessions_keys = keys %$local_sessions ) { if ( my @local_sessions_keys = keys %$local_sessions ) {
my $session_dump; my $session_dump;
my $logout_error = 0;
# A session was found # A session was found
foreach (@local_sessions_keys) { foreach (@local_sessions_keys) {
@ -736,10 +738,12 @@ sub issuerForAuthUser {
# No corresponding session found # No corresponding session found
$self->lmLog( "No local session found for user $user", $self->lmLog( "No local session found for user $user",
'debug' ); 'debug' );
$logout_error = 1;
} }
# Validate request if no previous error # Validate request if no previous error
unless ( $self->validateLogoutRequest($logout) ) { unless ( !$logout_error && $self->validateLogoutRequest($logout) ) {
$self->lmLog( "SLO request is not valid", 'error' ); $self->lmLog( "SLO request is not valid", 'error' );
} }
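Review bot: After this change the NameID carried by the LogoutRequest is no longer read (the two `$logout->request()->NameID` lines are dropped in the second hunk) and `$user` comes only from `$self->{sessionInfo}->{_user}`, so nothing visible in these hunks ties the subject of the request to the session that is about to be closed. If `validateLogoutRequest` does not already compare the request's NameID with the one held in the Lasso session dump, that comparison should be added before any session is deleted; if it does, a comment such as `# NameID of the request is checked in validateLogoutRequest, not here` would record where the check lives. In the last hunk, `unless ( !$logout_error && ... )` is a double negative and logs "SLO request is not valid" even when the request was never validated because no local session was found; `if ( $logout_error or !$self->validateLogoutRequest($logout) ) {` with a separate log message for the no-session case would be clearer for anyone reading the logs during an incident. The body of issuerForAuthUser starts and ends outside the visible hunks, so where the session is actually deleted relative to this validation cannot be confirmed from here.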