Details

    • Similar Issues:

      Description

      Clicking the "logout" button causes a redirect to a page which causes Jenkins to automatically login.
      When the plugin is configured to allow READ permission for Authenticated, but not Anonymous, users, clicking "logout" has no effect.

      Similar to JENKINS-16350 (GitHub Oath plugin)

      This is what is really happening when you "logout"...
      Jenkins logs you out, redirects you back to the Jenkins page you were in.
      Jenkins sees a new you, now anonymous. It decides to authenticate you.
      Jenkins sends you to SAML server
      SAML server is configured to automatically log you in (aka "remember this website")
      Jenkins logs you right back in.

        Attachments

          Issue Links

            Activity

            Hide
            recampbell Ryan Campbell added a comment -

            Related GitHub Oauth bug is fixed, I wonder if this is a quick fix.

            Show
            recampbell Ryan Campbell added a comment - Related GitHub Oauth bug is fixed, I wonder if this is a quick fix.
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            Ryan Campbell yes, it is really a quick fix it is the next bug to fix when I will have a couple of hour to do it

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - Ryan Campbell yes, it is really a quick fix it is the next bug to fix when I will have a couple of hour to do it
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            finally it is a little bit more complicated because the version used of pac4j does not implemented logout method so I have to use opensaml to do that, the solution it is on progress.

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - finally it is a little bit more complicated because the version used of pac4j does not implemented logout method so I have to use opensaml to do that, the solution it is on progress.
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            pac4j does not implemented the SAML logout yet
            https://github.com/pac4j/pac4j/issues/139
            https://groups.google.com/forum/#!topic/pac4j-users/gkSvZSpVVqo

            version >1.8.0 has a local logout process that could be use
            https://groups.google.com/forum/#!topic/pac4j-dev/diok073P_AI

            and on version 2.0.0-RC1 seems to have some implementation about SAML logout

            https://github.com/pac4j/pac4j/blob/6d34d4246eb9b14d4f1da62d0aa66840ee83c583/pac4j-saml/src/main/java/org/pac4j/saml/sso/impl/SAML2LogoutRequestBuilder.java

            so I am going to commit changes to make the logout buton works but without do the logout on the SAML service, this task will be made when I upgrade the pac4j library to 2.0.0

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - pac4j does not implemented the SAML logout yet https://github.com/pac4j/pac4j/issues/139 https://groups.google.com/forum/#!topic/pac4j-users/gkSvZSpVVqo version >1.8.0 has a local logout process that could be use https://groups.google.com/forum/#!topic/pac4j-dev/diok073P_AI and on version 2.0.0-RC1 seems to have some implementation about SAML logout https://github.com/pac4j/pac4j/blob/6d34d4246eb9b14d4f1da62d0aa66840ee83c583/pac4j-saml/src/main/java/org/pac4j/saml/sso/impl/SAML2LogoutRequestBuilder.java so I am going to commit changes to make the logout buton works but without do the logout on the SAML service, this task will be made when I upgrade the pac4j library to 2.0.0
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ivan Fernandez Calvo
            Path:
            src/main/java/org/jenkinsci/plugins/saml/SamlLogoutAction.java
            src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java
            src/main/resources/org.jenkinsci.plugins.saml.SamlLogoutAction/index.jelly
            http://jenkins-ci.org/commit/saml-plugin/d47d2c109be3f2b061b6c393bc42ab17524aeba8
            Log:
            JENKINS-37311 make the logout button works (#19)

            [FIX JENKINS-37311] make the logout button works

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ivan Fernandez Calvo Path: src/main/java/org/jenkinsci/plugins/saml/SamlLogoutAction.java src/main/java/org/jenkinsci/plugins/saml/SamlSecurityRealm.java src/main/resources/org.jenkinsci.plugins.saml.SamlLogoutAction/index.jelly http://jenkins-ci.org/commit/saml-plugin/d47d2c109be3f2b061b6c393bc42ab17524aeba8 Log: JENKINS-37311 make the logout button works (#19) [FIX JENKINS-37311] make the logout button works
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            It will be released on 0.14

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - It will be released on 0.14
            Hide
            ifernandezcalvo Ivan Fernandez Calvo added a comment -

            released on SAML Plugin 0.14

            Show
            ifernandezcalvo Ivan Fernandez Calvo added a comment - released on SAML Plugin 0.14

              People

              • Assignee:
                ifernandezcalvo Ivan Fernandez Calvo
                Reporter:
                dtranter Dan Tranter
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: