Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-3659

SSOFilter logoutEndpoint does not take query parameters into consideration

    XMLWordPrintable

    Details

    • Support Ticket IDs:
    • Sprint:
      To Estimate
    • Story Points:
      3

      Description

      logoutEndpoint on the SingleSignOnFilter does not take query parameters into consideration, see org/forgerock/openig/openam/SingleSignOnFilter.java:

      if (logoutEndpoint != null && logoutEndpoint.matcher(request.getUri().getPath()).find()) {
       return handleLogout(ssoToken, context, request, next);
      }
      

      It only checks the path. Customers may use query parameters to trigger logout on their application. 

      Example:

      Application = http://app.example.com/app

      Logout = http://app.example.com/app?appLogout

      Acceptance Criteria

      • Pay attention to backward compatibility
      • Deprecate logoutEndpoint attribute in favour of a new attribute based on expression

       

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              markdr Mark de Reeper
              Reporter:
              aaron.haskins Aaron Haskins
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: