Bug 1362295
| Field | Value |
|---|---|
| Summary | [GSS] (6.4.8 patch) PicketLink rollup patch - BZ-1362293, BZ-1353333 |
| Product | [JBoss] JBoss Enterprise Application Platform 6 |
| Component | PicketLink |
| Version | 6.4.8 |
| Status | VERIFIED |
| Severity | unspecified |
| Priority | unspecified |
| Hardware | Unspecified |
| OS | Unspecified |
| Type | Support Patch |
| Reporter | dhorton |
| Assignee | dhorton |
| QA Contact | Pavel Slavicek <pslavice> |
| CC | bdawidow, bmaxwell, jawilson, psilva, pskopek |
| Doc Type | If docs needed, set a value |
| Bug Depends On | 1353333, 1353338, 1362293 |

Doc Text:

To apply this individual patch, follow the steps outlined in "How do I apply individual or cumulative patches in JBoss EAP 6.2 and beyond?" [1]

To roll back this individual patch if installation has unexpected consequences, follow the steps outlined in "How do I rollback individual or cumulative patches in JBoss EAP 6.2 and beyond?" [2]

[1] https://access.redhat.com/site/solutions/625683
[2] https://access.redhat.com/site/solutions/639403

Description
dhorton
2016-08-01 21:10:35 UTC
Description of problem for BZ-1353333:

PicketLink does not return SessionIndex in LogoutRequest.

To reproduce:
- deploy idp.war and employee.war
- go to http://localhost:8080/employee
- login
- click logout link when redirected back to the employee app
- view the SAML logout request
- there should be a SessionIndex

Description of problem for BZ-1362295 (PLINK-738):

When the "LogOutResponseLocation" is configured, the SAML2LogoutHandler correctly uses this value as the Destination when the SP generates a LogoutResponse. However, the "LogOutResponseLocation" is not getting used during the HTTP POST, so that LogoutResponse is getting sent to the wrong IDP URL.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Configure and deploy an idp, sales-post and employee applications
2. Configure the "LogOutResponseLocation" in the employee.war/picketlink.xml
3. Log into the sales-post application
4. Hit the employee application
5. Click on the GLO logout link in the sales-post

Expected results:
The employee.war should generate a LogoutResponse that has a "Destination" that matches the "LogOutResponseLocation". This LogoutResponse should be sent to the same URL that is specified in the "LogOutResponseLocation".

Actual results:
The LogoutResponse is not sent to the same URL that is specified in the "LogOutResponseLocation".

Created attachment 1188002: BZ1362295.zip
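
The two conditions in the description above can be checked mechanically on captured HTTP-POST binding messages. The following is an added example, not code from PicketLink or from the attachment on this bug; the function names, URLs and the trimmed sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"

def decode_post_binding(b64_value):
    """HTTP-POST binding: the form field is base64 of the XML (no DEFLATE)."""
    # ElementTree is adequate for these constructed samples; use a hardened
    # parser (for example defusedxml) on messages captured from a network.
    return ET.fromstring(base64.b64decode(b64_value))

def logout_request_findings(b64_request):
    """First check: a LogoutRequest should carry a SessionIndex."""
    root = decode_post_binding(b64_request)
    if root.tag != f"{{{SAMLP}}}LogoutRequest":
        return ["not a LogoutRequest"]
    indexes = [e.text for e in root.findall(f"{{{SAMLP}}}SessionIndex") if e.text]
    return [] if indexes else ["LogoutRequest has no SessionIndex"]

def logout_response_findings(post_url, b64_response, configured_location):
    """Second check: the Destination attribute and the URL the form was
    actually posted to must both equal the configured LogOutResponseLocation."""
    root = decode_post_binding(b64_response)
    findings = []
    if root.get("Destination") != configured_location:
        findings.append("Destination differs from LogOutResponseLocation")
    if post_url != configured_location:
        findings.append("POST target differs from LogOutResponseLocation")
    return findings

def _b64(xml):
    return base64.b64encode(xml.encode()).decode()

# Constructed sample values (assumptions, trimmed to the fields being checked).
IDP_SLO = "http://localhost:8080/idp/slo"
REQ_NO_INDEX = _b64(
    f'<samlp:LogoutRequest xmlns:samlp="{SAMLP}" ID="ID_1" Version="2.0"/>')
REQ_WITH_INDEX = _b64(
    f'<samlp:LogoutRequest xmlns:samlp="{SAMLP}" ID="ID_2" Version="2.0">'
    '<samlp:SessionIndex>ID_session</samlp:SessionIndex></samlp:LogoutRequest>')
RESPONSE = _b64(
    f'<samlp:LogoutResponse xmlns:samlp="{SAMLP}" ID="ID_3" Version="2.0" '
    f'Destination="{IDP_SLO}"/>')

if __name__ == "__main__":
    print(logout_request_findings(REQ_NO_INDEX))
    print(logout_response_findings("http://localhost:8080/idp/", RESPONSE, IDP_SLO))
```
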