CoSign: Collaborative Single Sign-On  

cosign-discuss at
general discussion of cosign development and deployment

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: local logout not being run

Thanks, wes.  You were right.  I accidentally deleted the templates I
had and had to restore them from our test server.  The verify-logout had
the $u replaced with a hardcoded url from way back when.


-----Original Message-----
From: Wesley Craig [mailto:wes@xxxxxxxxx] 
Sent: Wednesday, November 02, 2005 11:25 AM
To: Goldrick, Jim
Cc: cosign-discuss@xxxxxxxxx
Subject: Re: local logout not being run

The cl struct is filled in by cgi_info(), around line 135.  cgi_info 
() parses the POST data, and stores it in the cl struct for the  
caller to deal with.  The test you see below is whether the POST  
contained a URL.  If there was one, it's saved in the sl struct,  
which is used by subfile() to output HTML templates with simple  
variable substitution.

On a higher level, there are two paths through this code.  If the  
request is a GET, the cgi_info() at line 120 succeeds, the query  
string is saved in SL_URL, and the VERIFY_LOGOUT template is displayed.

If the request was a POST, cgi_info() at line 135 succeeds.  If  
CL_VERIFY wasn't POSTed, then the user must have "cancelled" the  
logout.  The user is not logged out, but is instead directed to  
https://cosignhost/ , which is maybe not the best place.

If CL_URL is set, save is as SL_URL.  Set the login cookie to  
"null".  Tell cosignd the user is logged out.  And finally, redirect  
the user to SL_URL.

I suspect that the problem you're seeing has something to do with  
template changes.  Either the GET case is not saving the URL from the  
query string, or the POST case is not re-POSTing the saved URL.  Or,  
perhaps the "logout" button isn't POSTing "verify", so the CGI thinks  
the user has cancelled logout.

What does your verify-logout.html look like?


On 02 Nov 2005, at 10:34, Goldrick, Jim wrote:
> My local logout script is not being run after updating to 1.9.0.  I
> think I have narrowed down the issue to this in logout.c
> if (( cl[ CL_URL ].cl_data != NULL ) ||
>             ( *cl[ CL_URL ].cl_data != '\0' )) {
>         /* oh the places you'll go */
>         if ( strncmp( cl[ CL_URL ].cl_data, "http", 4 ) == 0 ) {
>             sl[ SL_URL ].sl_data = cl[ CL_URL ].cl_data;
>         }
> The cl[ CL_URL ].cl_data must be replacing the logout url, at least I
> think.  But I have no idea where the cl[ CL_URL ].cl_data comes from.
> I have it set in the logout querystring and in the cosign.conf to  
> go to
> the local logout, but it's not getting there, it just redirects to our
> main web site.  I must have something set wrong somewhere.

Copyright © 2002 - 2004 Regents of the University of Michigan :  Page last updated 15-December-2010