[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
mod_auth_saml SSO and problems with logout
I am getting closer to achieving my goal of enabling SSO between php and perl
using simpleSAMLphp and mod_auth_saml from zxid.
I have set up a new test environment on CentOS 5.8 in a virtual box and compiled mod_auth_saml.so
successfully and installed into apache module directory. simpleSAMLphp is configured as
a SAML 2.0 IdP.
With this setup, single sign-on is working but logout isn't working.
My setup: I have made a subdirectory /protected and put in a cgi script: test.cgi that logs some output,
also, a script 'saml' was placed in the same directory to avoid internal server errors. So I have
http://localhost/protected/test.cgi and http://localhost/protected/saml.
Then, I delete all browser cookies, and go to http://localhost/protected/test.cgi
- I am immediately redirected to the IdP login page,
- I log in sucessfully
- I am redirected to http://localhost/protected/saml
- I can then access http://localhost/protected/test.cgi
- The user is logged in PHP and Drupal as well
However after that I cannot log out from the mod_auth_saml site any more, except by deleting all cookies.
If I log out in simpleSAMLphp or the attached PHP application I am logged out in those, but not in
the cgi script and my mod_auth_saml session seems to persist.
I have tried all options in http://localhost/protected/saml?o=m as well, but none of those
seems to terminate that session.
Is there any way I can achieve what I want? I appreciate your help. Please ask for more
information if necessary.
I added only the following to the http.conf that comes with centos
ScriptAlias /protected/ "/var/www/html/protected/"
The metadata from http://localhost:8080/protected/saml?o=B were imported into the IdP and
a simple example authentication with predefined accounts was used to avoid any problems
from upstream IdP.
ZXID version is 1.12 and using the /var/zxid directory owned by the apache user who has rwx perssions on this and subdirectories.
SimpleSAMLphp is version 1.10.0 and install in /var/simplesaml