diff options
author | Simo Sorce <simo@redhat.com> | 2017-02-20 12:38:11 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2017-02-20 12:40:57 -0500 |
commit | 85eb3103c04e6e125bdb1d09caed6a94580a7592 (patch) | |
tree | 2ea596d9cd42985f09078247ff58de709982b1d2 | |
parent | 6d34c2169fcd520cc726e58e01d008ae3637aad4 (diff) | |
download | freeipa-fixlogout.tar.gz freeipa-fixlogout.tar.xz freeipa-fixlogout.zip |
Fix session logoutfixlogout
There were 2 issues with session logouts, one is that the logout_cookie
was checked and acted on in the wrong place, the other is that the wrong
value was set in the IPASESSION header.
Fixes https://fedorahosted.org/freeipa/ticket/6685
Signed-off-by: Simo Sorce <simo@redhat.com>
-rw-r--r-- | ipaserver/plugins/session.py | 2 | ||||
-rw-r--r-- | ipaserver/rpcserver.py | 8 |
2 files changed, 5 insertions, 5 deletions
diff --git a/ipaserver/plugins/session.py b/ipaserver/plugins/session.py index 8e480ed7d..a049cd946 100644 --- a/ipaserver/plugins/session.py +++ b/ipaserver/plugins/session.py @@ -23,6 +23,6 @@ class session_logout(Command): else: delattr(context, 'ccache_name') - setattr(context, 'logout_cookie', '') + setattr(context, 'logout_cookie', 'MagBearerToken=') return dict(result=None) diff --git a/ipaserver/rpcserver.py b/ipaserver/rpcserver.py index f5c520f28..25f2740ea 100644 --- a/ipaserver/rpcserver.py +++ b/ipaserver/rpcserver.py @@ -434,6 +434,10 @@ class WSGIExecutioner(Executioner): response = status.encode('utf-8') headers = [('Content-Type', 'text/plain; charset=utf-8')] + logout_cookie = getattr(context, 'logout_cookie', None) + if logout_cookie is not None: + headers.append(('IPASESSION', logout_cookie)) + start_response(status, headers) return [response] @@ -639,10 +643,6 @@ class KerberosWSGIExecutioner(WSGIExecutioner, KerberosSession): return self.marshal(None, CCacheError()) - logout_cookie = getattr(context, 'logout_cookie', None) - if logout_cookie: - self.headers.append(('IPASESSION', logout_cookie)) - try: self.create_context(ccache=user_ccache) response = super(KerberosWSGIExecutioner, self).__call__( |