From 5c581ccdd0a2fc3ea49d941f2860ac1dd9953007 Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Fri, 18 Sep 2015 08:10:27 +0000 Subject: [PATCH] Bug 14034: Fix logout on refresh for shibboleth This is similar to bug 12877 Signed-off-by: Chris Cormack While this is missing a detailed test plan, what I did to test was 1/ Login to koha .. it works 2/ Apply patch 3/ Login to koha .. it still works, no regressions. I can't test the shibboleth part but it doesnt break anything else so I'm happy to sign off Signed-off-by: Jesse Weaver We had to implement this fix for one of our customers using Shibboleth. Can verify that it fixes the issue (which, incidentally, breaks stage-marc-import since that depends on a constant sessionID). Passing QA (verified with QA tools). Thanks, Martin! Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com --- C4/Auth.pm | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 3d5aba3ade..d7be1d8b53 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -810,7 +810,9 @@ sub checkauth { $sessiontype = $session->param('sessiontype') || ''; } if ( ( $query->param('koha_login_context') && ( $q_userid ne $s_userid ) ) - || ( $cas && $query->param('ticket') && !C4::Context->userenv->{'id'} ) || ( $shib && $shib_login && !$logout ) ) { + || ( $cas && $query->param('ticket') && !C4::Context->userenv->{'id'} ) + || ( $shib && $shib_login && !$logout && !C4::Context->userenv->{'id'} ) + ) { #if a user enters an id ne to the id in the current session, we need to log them in... #first we need to clear the anonymous session... -- 2.39.5