SAML2LogoutAPIAuthenticatorCmd: if session is null, redirect to login page

If session is null, probably logout (local) happened removing the name id and session index which is needed for global logout. The limitation by design is that local logout will void possibility of global logout. To globally logout, one use the SLO api which would logout locally as well. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2025-11-03 04:12:31 +01:00 · 2014-08-26 23:06:17 +02:00 · 2014-08-26 23:06:17 +02:00 · 0402f68b12
commit 0402f68b12
parent de4e74b2b4
1 changed files with 8 additions and 0 deletions
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LogoutAPIAuthenticatorCmd.java
@ -90,6 +90,14 @@ public class SAML2LogoutAPIAuthenticatorCmd extends BaseCmd implements APIAuthen
        response.setResponseName(getCommandName());
        String responseString = ApiResponseSerializer.toSerializedString(response, responseType);

+        if (session == null) {
+            try {
+                resp.sendRedirect(_configDao.getValue(Config.SAMLCloudStackRedirectionUrl.key()));
+            } catch (IOException ignored) {
+            }
+            return responseString;
+        }
+
        try {
            DefaultBootstrap.bootstrap();
        } catch (ConfigurationException | FactoryConfigurationError e) {