SingleLogoutService by SOAP binding does not handle correctly the first session of given principal.

Description

Invoking SingleLogoutService by SOAP binding behaves a very strange way. If I create several SSO sessions from single SP using single principal, I can correctly end all sessions on SP side using SingleLogoutService by SOAP except the first session established.

By checking the code I have found that the issue is caused by the incorrect DDF handling in method "void SSCache::insert(const char* key, time_t expires, const char* name, const char* index)" in ...\shibboleth-2.1\shibsp\impl\StorageServiceSessionCache.cpp lines 828-877.
Error is declaration DDF obj; followed by initialization obj.structure() which do not work as expected and cause all subsequent calls to obj silently fail.

I suggest either to change declaration to
DDF obj(NULL);
or to change initialization to
obj = DDF(NULL).structure();

Not being a C++ programmer, I cannot tell which solution is better, but I have noticed, that the latter is used in the code more often.

Environment

Tested on MS Windows XP Professional SP3.
However I believe that the is not related to the OS.

Activity

Scott Cantor
June 23, 2009 at 12:46 PM

Closing after releases.

Scott Cantor
January 6, 2009 at 12:11 PM
Fixed

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Created January 6, 2009 at 7:13 AM
Updated June 23, 2009 at 12:46 PM
Resolved January 6, 2009 at 12:11 PM