Description Michael Grandjean 2020-04-30 09:52:34 CEST

# univention-app info
UCS: 4.4-4 errata548
Installed: nagios=4.3 samba4=4.10 ucsschool=4.4 v5 4.1/nextcloud=18.0.3-0
Upgradable:

Currently, the UMC of all UCS systems of the domain is automatically configured as SAML service provider. Unfortunately, we don't enable Single Logout - the corresponding URL is simply missing at the service provider LDAP object.

This leads to the following behaviour:
a) I open the portal on the UCS Master and login via SAML
b) I also open the UMC of a site server - let's say I'm a teacher and want to use the computer room module on a UCS@school schoolserver. Because the UMC of this schoolserver is a configured SAML service provider, I am automatically logged in
c) I finish my tasks an logoff at the UCS Master
d) I am still logged in on the schoolserver

Imho we should add the Single-Logout URL to the UMC via the corresponding join script.