Incorrect requireLogoutWith redirection if the original URL has query string

Basics

Technical

Logistics

Basics

Technical

Logistics

Description

If you have the following setting,

<Location /secure/logout>
  require shibboleth
  ShibRequestSetting requireSession false
  ShibRequestSetting requireLogoutWith "/Shibboleth.sso/Logout"
</Location>

the access to

/secure/logout?param=aaa

incorrectly redirect to the following URL after the Shib logout process.

/secure/logout?param=aaashiblogoutdone=1

'&' should be added.

With no query string, all things work as expected.

I attached a patch for this problem.

Environment

None

Attachments

27 Oct 2012, 12:22 AM

Activity

Show:

Scott Cantor December 10, 2012 at 7:13 PM

Closing with release.

Scott Cantor October 29, 2012 at 6:00 PM

http://svn.shibboleth.net/view/cpp-sp?rev=3809&view=rev

Thanks for spotting it.

Fixed

Pinned fields

Click on the next to a field label to start pinning.

Details
Assignee
Scott Cantor
Reporter
Takeshi Nishimura
Fix versions
2.5.1
Affects versions
2.5.0

Created October 27, 2012 at 12:22 AM

Updated August 4, 2021 at 9:24 PM

Resolved October 29, 2012 at 6:00 PM

Configure

Incorrect requireLogoutWith redirection if the original URL has query string

Description

Environment

Attachments

Activity

Scott Cantor December 10, 2012 at 7:13 PM

Scott Cantor October 29, 2012 at 6:00 PM

DetailsAssigneeScott CantorScott CantorReporterTakeshi NishimuraTakeshi NishimuraFix versions2.5.1Affects versions2.5.0

Details

Assignee

Reporter

Fix versions

Affects versions

Details
Assignee
Scott Cantor
Reporter
Takeshi Nishimura
Fix versions
2.5.1
Affects versions
2.5.0