summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2017-02-16 11:07:31 -0500
committerSimo Sorce <simo@redhat.com>2017-02-16 11:17:42 -0500
commiteae1b88a45329fceb385ab80ebf1beda6ab7f522 (patch)
treefb5cf6ef3b1423a60f2a0788bb0630553f91be96
parent14d84daf29543978c6383da10f4f2d913346f013 (diff)
downloadfreeipa-sessionlogout.tar.gz
freeipa-sessionlogout.tar.xz
freeipa-sessionlogout.zip
Change session logout to kill only the cookiesessionlogout
Removing the ccache goes to far as it will cause unrelated sessions to fail as well, this is a problem for accounts used to do unattended operations and that may operate in parallel. Fixes https://fedorahosted.org/freeipa/ticket/6682 Signed-off-by: Simo Sorce <simo@redhat.com>
-rw-r--r--ipaserver/plugins/session.py5
-rw-r--r--ipaserver/session.py34
2 files changed, 3 insertions, 36 deletions
diff --git a/ipaserver/plugins/session.py b/ipaserver/plugins/session.py
index c700ab9ba..8e480ed7d 100644
--- a/ipaserver/plugins/session.py
+++ b/ipaserver/plugins/session.py
@@ -5,7 +5,6 @@
from ipalib import Command
from ipalib.request import context
from ipalib.plugable import Registry
-from ipaserver.session import logout
register = Registry()
@@ -21,7 +20,9 @@ class session_logout(Command):
ccache_name = getattr(context, 'ccache_name', None)
if ccache_name is None:
self.debug('session logout command: no ccache_name found')
+ else:
+ delattr(context, 'ccache_name')
- logout(ccache_name)
+ setattr(context, 'logout_cookie', '')
return dict(result=None)
diff --git a/ipaserver/session.py b/ipaserver/session.py
deleted file mode 100644
index 6957feb74..000000000
--- a/ipaserver/session.py
+++ /dev/null
@@ -1,34 +0,0 @@
-# Authors: John Dennis <jdennis@redhat.com>
-#
-# Copyright (C) 2011 Red Hat
-# see file 'COPYING' for use and warranty information
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-import os
-
-from ipalib.request import context
-from ipalib.krb_utils import (
- krb5_parse_ccache,
-)
-
-
-def logout(ccache_name=None):
- if ccache_name is None:
- ccache_name = getattr(context, 'ccache_name', None)
- if ccache_name is not None:
- scheme, name = krb5_parse_ccache(ccache_name)
- if scheme == 'FILE':
- os.unlink(name)
- setattr(context, 'logout_cookie', '')