Univention Bugzilla – Bug 52314
Portal Preview App doesn't renew sessions anymore making logout impossible
Last modified: 2021-09-16 15:48:48 CEST
The cloned bug caused that no session-info request is done anymore in the Preview Portal: git:d92df72b91bbf06dd82fde99cddc595c52238e13 + login.onLogin(lang.hitch(this, function() { + this._setupEditModeIfAuthorized(); + this._refresh(portalTools.RenderMode.NORMAL).then(lang.hitch(this, function() { + this._addLinks(); + })); + // Do not force a relogin on the portal + tools.checkSession(false); + })); This caused that it is never detected that the session timed out and therefore no passive SAML login is done anymore after this session timeout. When clicking the on the logout button the page refreshes and one is logged in again because the session on the IDP is still valid (just the UMC session is gone). Plus, another inefficient thing has been added: The portal.json is now fetched (on my system) 15 times. (This might depend on the number of portal entries?!). It should be fetched only once. A deferred should be added which blocks other requests while a request is already ongoing. +++ This bug was initially created as a clone of Bug #51856 +++ At the moment the Portal only re-render when the login button is clicked. It should re-render when detecting a login instead.
univention-portal (3.1.0-40) bd99988e0730 | Bug #52314: debian/changelog 7aaa22178d01 | Bug #52314: do not fetch portal.json multiple times portal.json was fetched multiple times (up to 15 - 20 times) in various situations. The original reason to fetch it once is in edit mode so after modifying we give the listener module enough time to write the new entries so that we know the latest state. This was originally implemented in git:f5adc6cc7d8d526fcb5af6bad222e8ec4299d3b8. We now only do this logic if we are really in edit mode and save/modify something. a781875d306f | Bug #52314: do not disable session polling during portal usage We need to detect when the SAML session is timed out so that we can make a new passive saml login in the iframe so users 1. don't get logged out and 2. even if they are logged out, the logout button is stilled rendered and when one clicks on it the user is already logged out from UMC so only a page refresh is done which then does the passive SAML iframe login and one is logged in again.
What I tested: session-info is called every 30 sec again -> OK Session is renewed -> OK Logout -> OK Edit mode -> OK portal.json is called only when necessary -> OK