Skip to content

Commit

Permalink
Invalidate Session during a SAML2 based SSO logout
Browse files Browse the repository at this point in the history
  • Loading branch information
sajinieKavindya authored and SanojPunchihewa committed Jun 20, 2023
1 parent 7af0d87 commit e284a96
Showing 1 changed file with 9 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -338,6 +338,15 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
// This condition is evaluated when users are logged out in SAML2 based SSO
if (request.getAttribute("logoutRequest") != null) {
log.debug("Loging out from SSO session");

try {
invalidateSession(session);
} catch (Exception ignored) {
// Ignore exception when invalidating and invalidated session
if (log.isDebugEnabled()) {
log.debug("Error in invalidating frontend session ", ignored);
}
}
response.sendRedirect(contextPath + "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
return false;
}
Expand Down

0 comments on commit e284a96

Please sign in to comment.