From eae1b88a45329fceb385ab80ebf1beda6ab7f522 Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Thu, 16 Feb 2017 11:07:31 -0500
Subject: Change session logout to kill only the cookie

Removing the ccache goes to far as it will cause unrelated sessions to
fail as well, this is a problem for accounts used to do unattended
operations and that may operate in parallel.

Fixes https://fedorahosted.org/freeipa/ticket/6682

Signed-off-by: Simo Sorce <simo@redhat.com>
---
 ipaserver/plugins/session.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'ipaserver/plugins/session.py')

diff --git a/ipaserver/plugins/session.py b/ipaserver/plugins/session.py
index c700ab9ba..8e480ed7d 100644
--- a/ipaserver/plugins/session.py
+++ b/ipaserver/plugins/session.py
@@ -5,7 +5,6 @@
 from ipalib import Command
 from ipalib.request import context
 from ipalib.plugable import Registry
-from ipaserver.session import logout
 
 register = Registry()
 
@@ -21,7 +20,9 @@ class session_logout(Command):
         ccache_name = getattr(context, 'ccache_name', None)
         if ccache_name is None:
             self.debug('session logout command: no ccache_name found')
+        else:
+            delattr(context, 'ccache_name')
 
-        logout(ccache_name)
+        setattr(context, 'logout_cookie', '')
 
         return dict(result=None)
-- 
cgit