Tribhuwan Phulera created GUACAMOLE-1958:
--------------------------------------------
Summary: IDP session not killing after logout from Guacamole if
SAML Authentication Used
Key: GUACAMOLE-1958
URL: https://issues.apache.org/jira/browse/GUACAMOLE-1958
Project: Guacamole
Issue Type: Bug
Components: guacamole-auth-saml
Affects Versions: 1.5.5
Reporter: Tribhuwan Phulera
Attachments: IDP_LOGOUT_ERROR.mp4
I'm using Apache Guacamole Version 1.5.5 with SAML Authentication integrated
with Microsoft IAM.
The integration works as expected: users are redirected to the IDP for
authentication and returned to Guacamole upon successful login.
However, there's an issue with the logout process. When a user logs out of
Guacamole and then attempts to log back in, they are reauthenticated
automatically without being prompted to log in again. This happens because the
session with the IDP isn't being destroyed properly. As a result, the user's
session persists, allowing them to log back in without re-authenticating.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
