Univention Bugzilla – Bug 53157
Portal / UMC session renewal does not work when logged in via SAML
Last modified: 2021-05-25 16:01:16 CEST
Once the portal / UMC sessions expires, the portal / UMC tries to renew the session. This does not seem to work, one cannot open UMC modules via portal anymore. I see these http calls when the session is expired and one clicks on a UMC module: univention/get/session-info http 401 Unauthorized -> univention/saml/iframe/ http 302 redirect -> ucs-sso simplesamlphp/saml2/idp/SSOService.php http 200 -> univention/saml/ http 200 -> univention/get/session-info http 200 But calls to univention/get/modules and univention/get/categories after that still return http 401
Dirk, what do you think?
I can see that UMCSessionId gets renewed (with a expire time in the future) in the browser cookiestore, but the UMC module tab does not display any content.
In this state, a reload of the portal page practically breaks the portal usability / user experience even further: One appears to be not logged in. After clicking on 'login' in the side menu, the existing SAML session is recognized and no credentials have to be provided. But when returning to the portal, it is in some kind of intermediate state: The 'login' portal entry is gone, the side menu shows the current username as logged in. But no other entries show up, e.g. i am logged in as Adminstrator but do not see any UMC modules in the portal.
comment 3 is more generic and has nothing to do with the session timeout. I opened bug 53159.
This might be a duplicate of bug 51888 ?
(In reply to Jürn Brodersen from comment #5) > This might be a duplicate of bug 51888 ? Wrong bug number :( it should be 52888
This is a duplicate of bug 53159. It happened after the umc session, but not the umc-web-server session, timed out. The umc server could not authorize the new session because it had already done one saml authorization and was hit by bug 53159. Note: Decrease "umc/module/timeout" to get a quicker umc-server session timeout. *** This bug has been marked as a duplicate of bug 53159 ***
OK: duplicate
UCS 5.0 has been released: https://docs.software-univention.de/release-notes-5.0-0-en.html https://docs.software-univention.de/release-notes-5.0-0-de.html If this error occurs again, please use "Clone This Bug".