https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41312 Bug ID: 41312 Summary: Don't redirect to logout after Shibboleth login Initiative type: --- Sponsorship --- status: Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: Authentication Assignee: koha-bugs@lists.koha-community.org Reporter: magnus@libriotech.no QA Contact: testopia@bugs.koha-community.org CC: dpavlin@rot13.org When Shibboleth is enabled, a link with the text "Log in using a Shibboleth account" is presented above the regular login form. The destination of the link varies based on the URL of the login page: If you start on https://example.org/ the link is: https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/... If you start on https://example.org/cgi-bin/koha/catalogue/detail.pl?biblionumber=1 the link is: https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/... And if you just logged out and then want to log in again, you will start on https://example.org/cgi-bin/koha/mainpage.pl?logout.x=1 and the link will be: https://example.org/Shibboleth.sso/Login?target=https://example.org/cgi-bin/... But this means that the user is logged out immediately after logging in, which is less than optimal. We should identify when this happens and manipulate the URL so it does not include the logout.x=1 part. A similar problem for OAuth/OIDC was solved in bug 34164. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.