Commit
a19067e5
authored
Aug 26, 2010
by
Clément OUDOT
Delete CAS secondary sessions on logout (#101)
parent
b819f75f
Changes
2
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBCAS.pm
...
...
@@ -17,7 +17,8 @@ our $VERSION = '0.01';
# @return Lemonldap::NG::Portal error code
sub
issuerDBInit
{
my
$self
=
shift
;
PE_OK
;
return
PE_OK
;
}
## @apmethod int issuerForUnAuthUser()
...
...
@@ -147,12 +148,13 @@ sub issuerForUnAuthUser {
# Open local session
my
$localSession
=
$self
->
getApacheSession
(
$casServiceSession
->
{
id
},
1
);
$self
->
getApacheSession
(
$casServiceSession
->
{
_cas_
id
},
1
);
unless
(
$localSession
)
{
$self
->
lmLog
(
"
Local session
"
.
$casServiceSession
->
{
id
}
.
"
notfound
",
'
error
'
);
"
Local session
"
.
$casServiceSession
->
{
_cas_id
}
.
"
notfound
",
'
error
'
);
untie
%$casServiceSession
;
$self
->
returnCasValidateError
();
}
...
...
@@ -173,7 +175,7 @@ sub issuerForUnAuthUser {
return
PE_ERROR
;
}
PE_OK
;
return
PE_OK
;
}
## @apmethod int issuerForAuthUser()
...
...
@@ -215,11 +217,11 @@ sub issuerForAuthUser {
||
$self
->
param
('
gateway
');
# Renew
if
(
$renew
eq
'
true
'
)
{
# Authentication must be replayed
# TODO
if
(
$renew
eq
'
true
'
)
{
$self
->
lmLog
(
"
Authentication renewal not managed
",
'
error
'
);
return
PE_ERROR
;
$self
->
lmLog
(
"
Authentication renewal not managed
",
'
warn
'
);
}
# If no service defined, exit
...
...
@@ -238,7 +240,7 @@ sub issuerForAuthUser {
$casServiceSession
->
{
type
}
=
'
casService
';
$casServiceSession
->
{
service
}
=
$service
;
$casServiceSession
->
{
id
}
=
$session_id
;
$casServiceSession
->
{
_cas_id
}
=
$session_id
;
$casServiceSession
->
{
_utime
}
=
$time
;
my
$casServiceSessionID
=
$casServiceSession
->
{
_session_id
};
...
...
@@ -278,7 +280,7 @@ sub issuerForAuthUser {
}
# Delete linked CAS sessions
# TODO
$self
->
deleteCasSecondarySessions
(
$session_id
);
# Delete local session
unless
(
...
...
@@ -304,7 +306,7 @@ sub issuerForAuthUser {
return
PE_OK
;
}
PE_OK
;
return
PE_OK
;
}
## @apmethod int issuerLogout()
...
...
@@ -313,9 +315,13 @@ sub issuerForAuthUser {
sub
issuerLogout
{
my
$self
=
shift
;
# TODO
# Session ID
my
$session_id
=
$self
->
{
sessionInfo
}
->
{
_session_id
}
||
$self
->
{
id
};
# Delete linked CAS sessions
$self
->
deleteCasSecondarySessions
(
$session_id
);
PE_OK
;
return
PE_OK
;
}
1
;
...
...
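Review bot: In the `# Renew` hunk of issuerForAuthUser (whose body starts and ends outside that hunk), the variant that appears to be the new side only logs "Authentication renewal not managed" at `warn` and drops `return PE_ERROR;`, so a request with `renew` set to `'true'` carries on through the normal SSO path; the page has lost its +/- markers, so which side is new is inferred from the old-then-new print order used elsewhere in this file. A CAS service sends renew when it wants credentials presented again rather than an existing session reused, so continuing silently gives it weaker assurance than it asked for. Until renewal is implemented I would keep the hard failure by leaving `return PE_ERROR;` after the log call, or at minimum record the limitation next to the check with a comment such as `# renew=true is NOT honoured yet: the existing SSO session is reused`. Separately, both new calls to `$self->deleteCasSecondarySessions($session_id);` (logout branch of issuerForAuthUser and issuerLogout) discard the boolean result, so a failed deletion still ends in `return PE_OK;` with nothing logged by the caller.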
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_CAS.pm
...
...
@@ -60,6 +60,53 @@ sub returnCasValidateSuccess {
$self
->
quit
();
}
## @method boolean deleteCasSecondarySessions(string session_id)
# Find and delete CAS sessions bounded to a primary session
# @param session_id Primary session ID
# @return result
sub
deleteCasSecondarySessions
{
my
(
$self
,
$session_id
)
=
splice
@_
;
my
$result
=
1
;
# Find CAS sessions
my
$cas_sessions
=
$self
->
{
casStorage
}
->
searchOn
(
$self
->
{
casStorageOptions
},
"
_cas_id
",
$session_id
);
if
(
my
@cas_sessions_keys
=
keys
%$cas_sessions
)
{
foreach
my
$cas_session
(
@cas_sessions_keys
)
{
# Get session
$self
->
lmLog
(
"
Retrieve CAS session
$cas_session
",
'
debug
'
);
my
$casSessionInfo
=
$self
->
getSamlSession
(
$cas_session
);
# Delete session
eval
{
tied
(
%$casSessionInfo
)
->
delete
()
};
if
(
$@
)
{
$self
->
lmLog
(
"
Unable to delete CAS session
$cas_session
: $@
",
'
error
'
);
$result
=
0
;
}
else
{
$self
->
lmLog
(
"
CAS session
$cas_session
deleted
",
'
debug
'
);
}
}
}
else
{
$self
->
lmLog
(
"
No CAS session found for session
$session_id
",
'
debug
'
);
}
return
$result
;
}
1
;
__END__
=head1 NAME
...
...
@@ -91,9 +138,13 @@ Return an error for CAS VALIDATE request
Return success for CAS VALIDATE request
=head2 deleteCasSecondarySessions
Find and delete CAS sessions bounded to a primary session
=head1 SEE ALSO
L<Lemonldap::NG::Portal::IssuerDBCAS>
,
L<Lemonldap::NG::Portal::IssuerDBCAS>
=head1 AUTHOR
...
...
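Review bot: deleteCasSecondarySessions finds the sessions through `$self->{casStorage}->searchOn( $self->{casStorageOptions}, "_cas_id", $session_id )` but then opens each one with `$self->getSamlSession($cas_session)`, a helper that by its name belongs to the SAML code and is not defined in the visible part of _CAS.pm. If that method is unavailable when only the CAS issuer is loaded, the call dies outside the `eval` and aborts the logout; if it is available but reads the SAML session storage, the CAS sessions are presumably never opened, the `delete()` fails inside the `eval`, and they remain valid after the primary session is gone. A CAS-specific accessor built on casStorage and casStorageOptions would remove both risks. It would also help to test `$casSessionInfo` before the `eval` so that "session could not be opened" is logged separately from "delete failed", and to unpack arguments with `my ( $self, $session_id ) = @_;` rather than `splice @_`. The POD hunk lists `L<Lemonldap::NG::Portal::IssuerDBCAS>` twice under SEE ALSO, which looks like a leftover of the edit.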