[ https://issues.apache.org/jira/browse/GUACAMOLE-1266?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17853472#comment-17853472 ]
Tribhuwan Phulera commented on GUACAMOLE-1266:
----------------------------------------------

[~vnick] I read what you mentioned in the last comment and I will say that this is still a big security concern to me. Have a look at a real scenario: I have three applications running on my infrastructure, accessed by multiple users on a shared desktop system. One user logged in with permissions for both the financial application and the Guacamole application. He used the financial application for an hour, closed the tab, then switched to the Guacamole application and logged out from Guacamole, thinking he was completely logged out. However, when another user came and tried to access the financial application, they were able to do so even though they didn't have the necessary permissions. This happened because the session wasn't terminated at the Identity Provider (IDP) level, allowing the new user to alter information in the financial application. Although the changes were traced, this situation poses a significant security risk as we cannot fully control user behavior.

Logging out from Guacamole does not log the user out from the Single Sign-On (SSO) provider. As a result, if a user logs out from Guacamole but not from the SSO provider, another person using the same computer could still access other SSO-integrated applications without needing to log in again.

> Implement SAML Single Logout
> ----------------------------
>
> Key: GUACAMOLE-1266
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1266
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole
> Reporter: Michael Miklis
> Priority: Minor
>
> The SAML Authentication Extension does not seem to have a logout function
> built in. This will result in a loop.
>
> Steps to reproduce:
> * connect to guacamole URL
> * Automatic redirect to IDP Signin Page happens
> * login via SAML IDP to Guacamole
> * Click Logoff in Guacamole
> * Redirect to Guacamole Start-Page happens
> * Redirect to IDP Signin Page
> * User gets signed in automatically as the session on the IDP is still
> existing
>
> The correct behaviour must be:
> * connect to guacamole URL
> * Automatic redirect to IDP Signin Page happens
> * login via SAML IDP to Guacamole
> * Click Logoff in Guacamole
> * *Redirecting to configured IDP Logoff URL*
> * *IDP destroys session and redirects to Guacamole start page*
> * Redirect to IDP Signin Page
> * User gets signed in automatically as the session on the IDP is still
> existing

--
This message was sent by Atlassian Jira
(v8.20.10#820010)
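The step the quoted issue calls for ("Redirecting to configured IDP Logoff URL") is an SP-initiated SAML 2.0 Single Logout: the service provider builds a LogoutRequest naming the IdP session and sends the user to the IdP's SLO endpoint, so the IdP can destroy its own session rather than silently re-authenticating the next visitor. The following is an added example, not Guacamole's SAML extension code and not code posted by anyone in this thread. It shows the LogoutRequest message and the HTTP-Redirect binding encoding (raw DEFLATE, then base64, then URL-encoding into the SAMLRequest parameter), plus the decode an IdP performs and the Destination check it should apply. The entity IDs, URLs, NameID and SessionIndex values are constructed placeholders; request signing, which a production IdP must require, is omitted.

```python
"""Build, encode and decode a SAML 2.0 LogoutRequest (HTTP-Redirect binding).

Added example for the GUACAMOLE-1266 discussion; not Guacamole's own code.
All entity IDs, endpoints, NameID and SessionIndex values are constructed.
"""
import base64
import uuid
import zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)


def build_logout_request(sp_entity_id, idp_slo_url, name_id, session_index,
                         request_id=None, issue_instant=None):
    """Return the LogoutRequest XML an SP sends to end the IdP-side session.

    NameID identifies the user; SessionIndex pins the specific IdP session
    that was established when the user logged in (both come from the
    original SAML Response the SP received).
    """
    request_id = request_id or "_" + uuid.uuid4().hex
    issue_instant = issue_instant or datetime.now(timezone.utc).strftime(
        "%Y-%m-%dT%H:%M:%SZ")
    root = ET.Element(f"{{{SAMLP}}}LogoutRequest", {
        "ID": request_id,
        "Version": "2.0",
        "IssueInstant": issue_instant,
        "Destination": idp_slo_url,   # the IdP must verify this is its endpoint
    })
    ET.SubElement(root, f"{{{SAML}}}Issuer").text = sp_entity_id
    ET.SubElement(root, f"{{{SAML}}}NameID").text = name_id
    ET.SubElement(root, f"{{{SAMLP}}}SessionIndex").text = session_index
    return ET.tostring(root, encoding="unicode")


def raw_deflate(data: bytes) -> bytes:
    """DEFLATE with no zlib header/trailer, as the Redirect binding requires."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return c.compress(data) + c.flush()


def redirect_binding_url(idp_slo_url, logout_request_xml, relay_state=None):
    """Encode the request as ?SAMLRequest=base64(deflate(xml)) on the IdP SLO URL.

    Signing (SigAlg/Signature query parameters) is deliberately omitted here.
    """
    params = {"SAMLRequest": base64.b64encode(
        raw_deflate(logout_request_xml.encode())).decode()}
    if relay_state:
        params["RelayState"] = relay_state   # where to return the user afterwards
    sep = "&" if "?" in idp_slo_url else "?"
    return idp_slo_url + sep + urlencode(params)


def parse_logout_request(url, expected_destination):
    """Decode a Redirect-binding URL into the fields an IdP acts on.

    Rejects anything that is not a LogoutRequest or that was not addressed
    to this endpoint, so a request captured for one IdP cannot be replayed
    against another.
    """
    query = parse_qs(urlparse(url).query)
    xml = zlib.decompress(base64.b64decode(query["SAMLRequest"][0]), -15).decode()
    root = ET.fromstring(xml)
    if root.tag != f"{{{SAMLP}}}LogoutRequest":
        raise ValueError("not a LogoutRequest")
    if root.get("Destination") != expected_destination:
        raise ValueError("Destination does not match this endpoint")
    return {
        "id": root.get("ID"),
        "issuer": root.findtext(f"{{{SAML}}}Issuer"),
        "name_id": root.findtext(f"{{{SAML}}}NameID"),
        "session_index": root.findtext(f"{{{SAMLP}}}SessionIndex"),
        "relay_state": query.get("RelayState", [None])[0],
    }


if __name__ == "__main__":
    # Constructed placeholders standing in for a Guacamole SP and its IdP.
    sp, idp_slo = "https://guac.example.test/", "https://idp.example.test/slo"
    xml = build_logout_request(sp, idp_slo, "alice", "_session-0001")
    url = redirect_binding_url(idp_slo, xml, relay_state=sp)
    print(url)
    print(parse_logout_request(url, idp_slo))
```

After the IdP destroys its session it sends a LogoutResponse back to the SP (and, for full SLO, LogoutRequests to the other SPs that share the session); only once that round trip exists does the "Click Logoff" step in the quoted list stop feeding the user straight back into an already-authenticated IdP session.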