Handle the case of an IdP not handling SLO as a normal situation, not an internal error
This commit is contained in:
parent
a9d9687c45
commit
eca07e104b
|
@ -808,7 +808,21 @@ static int am_init_logout_request(request_rec *r, LassoLogout *logout)
|
|||
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r,
|
||||
"User attempted to initiate logout without being"
|
||||
" loggged in.");
|
||||
} else if (res == LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE && res == LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "Current identity provider "
|
||||
"does not support single logout. Destroying local session only.");
|
||||
|
||||
} else if(res != 0) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Unable to create logout request."
|
||||
" Lasso error: [%i] %s", res, lasso_strerror(res));
|
||||
|
||||
lasso_logout_destroy(logout);
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
}
|
||||
|
||||
/* Early non failing return. */
|
||||
if (res != 0) {
|
||||
lasso_logout_destroy(logout);
|
||||
|
||||
/* Check for bad characters in ReturnTo. */
|
||||
|
@ -820,16 +834,8 @@ static int am_init_logout_request(request_rec *r, LassoLogout *logout)
|
|||
/* Redirect to the page the user should be sent to after logout. */
|
||||
apr_table_setn(r->headers_out, "Location", return_to);
|
||||
return HTTP_SEE_OTHER;
|
||||
} else if(res != 0) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Unable to create logout request."
|
||||
" Lasso error: [%i] %s", res, lasso_strerror(res));
|
||||
|
||||
lasso_logout_destroy(logout);
|
||||
return HTTP_INTERNAL_SERVER_ERROR;
|
||||
}
|
||||
|
||||
|
||||
profile = LASSO_PROFILE(logout);
|
||||
|
||||
/* We need to set the SessionIndex in the LogoutRequest to the SessionIndex
|
||||
|
|
Loading…
Reference in New Issue