[GUACAMOLE-1266] Implement SAML Single Logout - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: guacamole
Labels:
None

Description

The SAML Authentication Extension does not seem to have a logout function built in. This will result in a loop. Steps to reproduce:

connect to guacamole ULR
Automatic redirect to IDP Signin Page happens
login via SAML IDP to Guacamole
Click Logoff in Guacamole
Redirect to Guacamole Start-Page happens
Redirect to IDP Signin Page
User gets signed in automatically as the session on the IDP is still existing

The correct behaviour must be:

connect to guacamole ULR
Automatic redirect to IDP Signin Page happens
login via SAML IDP to Guacamole
Click Logoff in Guacamole
Redirecting to configured IDP Logoff URL
IDP destroys session and redirects to Guacamole start page
Redirect to IDP Signin Page
User gets signed in automatically as the session on the IDP is still existing

Attachments

Issue Links

Blocked

GUACAMOLE-519 Implement Single Logout on OpenID Extension

Open

Dependency

GUACAMOLE-680 Ensure logout works as expected when using SSO

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Michael Miklis

Votes:: 4 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 18/Jan/21 09:39

Updated:: 09/Oct/21 00:56