summaryrefslogtreecommitdiffstats
path: root/ipsilon/providers/saml2/sessions.py
Commit message (Collapse)AuthorAgeFilesLines
* Add support for logout over SOAPRob Crittenden2015-07-161-23/+59
| | | | | | | | | | | | | | As each login session comes in, store the supported logout mechanisms in the SP metadata. Upon a logout request, loop through all of those SP's that support SOAP and log those out first, then log out any remaining sessions using HTTP Redirect. https://fedorahosted.org/ipsilon/ticket/59 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Use plugin-specific configuration, better expirationRob Crittenden2015-05-121-21/+3
| | | | | | | | | | | | | Use a SAML2 plugin specific option to specify the database uri for sessions. Use a much more robust method to find sessions that need expiration (thanks Patrick). https://fedorahosted.org/ipsilon/ticket/90 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Remove expired SAML2 sessionsRob Crittenden2015-05-121-8/+37
| | | | | | | | | | | | | Run a cherrypy background task to sift through the sessions database and find expired entries and remove them. From my testing if a previous execution of the background task is still executing when the next one is scheduled to run, it will skip it. In other words, you can't end up with multiple expirations running at the same time. Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Change SAML2 sessions backend to use Store APIRob Crittenden2015-05-121-152/+224
| | | | | | | | | | | | | | | The basic session API remains the same, just replace the calls to pull data out of the user session to instead pull from the database. The per-session logout state is now a constant rather than being a member of either the logged_in or logging_out dictionaries. https://fedorahosted.org/ipsilon/ticket/90 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* Update Copyright header point to COPYING fileRob Crittenden2015-05-081-16/+1
| | | | | | | | | | | | Point to a file containing the license rather than including it in every single source file. This will make it easier to manage the license in the future without another humongous commit. https://fedorahosted.org/ipsilon/ticket/126 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
* IdP-initiated logout for current userRob Crittenden2015-04-011-2/+9
| | | | | | | | | | | | | | Perform Single Logout for the current user when a logout is initiated in the IdP. A fake initial session is created. In the current logout code the initial logout requestor holds the final redirect URL. In this case it redirects back to the root IdP page. https://fedorahosted.org/ipsilon/ticket/87 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Nathan Kinder <nkinder@redhat.com>
* When a new logout session is received, save old session idsRob Crittenden2015-03-231-1/+19
| | | | | | | | | | | | | | | When a new login session is received and an existing session exists in logout, save the old session IDs. These will be included in the sessions to logout of the SP. This will ensure that if the user clears their cookie cache, for example, that any previous sessions will also be logged out. https://fedorahosted.org/ipsilon/ticket/64 Signed-off-by: Rob Crittenden <rcritten@redhat.com>
* Add SAML-specific session data for tracking login/logout sessionsRob Crittenden2015-02-131-0/+226
https://fedorahosted.org/ipsilon/ticket/24 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-26 02:48:19 +0000