Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix logout confirmation issue for saml_plus_basic #11469

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 1, 2025
Merged

Fix logout confirmation issue for saml_plus_basic #11469

merged 1 commit into from
Apr 1, 2025

Conversation

dippindots
Copy link
Collaborator

Fix #11428

Describe changes proposed in this pull request:

  • This pull request fixes the issue of two conflicting logout logics in the security filter chain by separating basic logout logic and handling it separately.

@dippindots dippindots added the bug label Mar 27, 2025
@dippindots dippindots self-assigned this Mar 27, 2025
@dippindots dippindots changed the title Fix logout confirmation issue Fix logout confirmation issue for saml_plus_basic Mar 27, 2025
@dippindots dippindots requested a review from haynescd March 27, 2025 14:27
@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

haynescd
haynescd approved these changes Mar 31, 2025
View reviewed changes
src/main/java/org/cbioportal/application/security/config/Saml2AndBasicConfig.java
Comment on lines +86 to +96
LogoutFilter basicLogoutFilter = new LogoutFilter(
basicLogoutSuccessHandler,
(request, response, authentication) -> {
if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
// Clear the authentication
SecurityContextHolder.clearContext();
// Invalidate the session
request.getSession(false).invalidate();
}
}
);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You don't have to change this but next time I would just wrap this in a new class to keep the config as simple as possible... BasicLogoutFilter

@dippindots dippindots merged commit 191dbf4 into master Apr 1, 2025
27 of 28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@haynescd haynescd haynescd approved these changes

Assignees

@dippindots dippindots

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

logout gives 4x error on MSK portal

2 participants

@dippindots @haynescd