https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41312
Bug ID: 41312
Summary: Don't redirect to logout after Shibboleth login
Initiative type: ---
Sponsorship ---
status:
Product: Koha
Version: Main
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
When Shibboleth is enabled, a link with the text "Log in using a Shibboleth
account" is presented above the regular login form. The destination of the link
varies based on the URL of the login page:
If you start on https://example.org/ the link is:
https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/koha/mainpage.pl
If you start on
https://example.org/cgi-bin/koha/catalogue/detail.pl?biblionumber=1 the link
is:
https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/koha/catalogue/detail.pl%3Fbiblionumber%3D1
And if you just logged out and then want to log in again, you will start on
https://example.org/cgi-bin/koha/mainpage.pl?logout.x=1 and the link will be:
https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/koha/mainpage.pl%3Flogout.x%3D1
But this means that the user is logged out immediately after logging in, which
is less than optimal. We should identify when this happens and manipulate the
URL so it does not include the logout.x=1 part.
A similar problem for OAuth/OIDC was solved in bug 34164.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
