Hi Matthias, This is a bug that is logged here: https://github.com/DSpace/DSpace/issues/8475 It is still waiting on a volunteer developer to help us solve the issue.
One workaround is to ensure your PasswordAuthentication is listed *before* your ShibAuthentication in your configuration. See this comment: https://github.com/DSpace/DSpace/issues/8475#issuecomment-1693015102 Tim On Tuesday, April 16, 2024 at 7:58:50 AM UTC-5 lets...@gmail.com wrote: > Hello there, > > when logging out, the Shibboleth sessions seem to be not deleted > correctly. If you go to Log in again after logging out, you do not have to > log in to the IdP again. If a login attempt is made in the same browser > session with a different authentication method, e.g. email + password, > after logging out, the previous user logs in again via Shibboleth instead > of the new one. The logout process therefore only seems to delete the > sessions of the application itself and not those of shibboleth. > > Is this a normal/desirable behavior? Is there a way to configure DSpace so > that the shibboleth session is closed for good or that you land on an > existing local logout link of the identity provider after logout? > > Thank you and kind regards > Matthias > -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx --- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/3a9653ba-c4df-4337-811e-0c8e5174e622n%40googlegroups.com.
