Bug 53728 - Burger menu of ucs-sso contains "login" button
Burger menu of ucs-sso contains "login" button
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: SAML
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-0-errata
Assigned To: Johannes Keiser
Dirk Wiesenthal
:
Depends on: 53617
Blocks:
  Show dependency treegraph
 
Reported: 2021-08-31 15:12 CEST by Johannes Keiser
Modified: 2021-09-07 08:49 CEST (History)
3 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 3: Will affect average number of installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.137
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Usability
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Keiser univentionstaff 2021-08-31 15:12:28 CEST
Port to 5.0

+++ This bug was initially created as a clone of Bug #53617 +++

Some larger school customers operate several portal servers that are run behind a load balancer under a uniform URL, e.g. https://portal.kunde.ucs.
The individual portal servers are *not* directly accessible from outside with their FQDN (e.g. server0815.kunde.ucs).
If a user starts a login attempt via the SAML login (see video), a "Login"/"Anmelden" entry is still displayed in the burger menu, pointing to the non-SSO login of the portal server in question 
→ https://server0815.kunde.ucs/univention/login/

This leads to confusion because the host is not directly accessible and an error message is displayed in the browser accordingly.
The problem is somewhat exacerbated if, for example, 2FA plugins for SSO are used, the first auth step has already been completed and the second factor is requested in a second step. Users then search the burger menu and find an inappropriate menu entry.
Comment 1 Johannes Keiser univentionstaff 2021-08-31 15:35:34 CEST
The 'Login' and 'Logout' menu entries are no longer shown on the login site

10a71ea12a Bug #53728: yaml
6c314aece3 Bug #53728: yaml
9e8028117e Bug #53728: hide 'Login'/'Logout' menu entry on login site

Successful build
Package: univention-web
Version: 4.0.1-37A~5.0.0.202108311526
Branch: ucs_5.0-0
Scope: errata5.0-0

Successful build
Package: univention-management-console
Version: 12.0.12-12A~5.0.0.202108311532
Branch: ucs_5.0-0
Scope: errata5.0-0
Comment 2 Dirk Wiesenthal univentionstaff 2021-09-01 01:27:26 CEST
Login Menu: OK
SAML Menu: OK
YAML: OK
Comment 4 hoko 2021-09-07 08:49:53 CEST
Update has a problem:

Vorbereitung zum Entpacken von .../univention-web-js_4.0.1-37A~5.0.0.202108311526_all.deb ...
Entpacken von univention-web-js (4.0.1-37A~5.0.0.202108311526) über (4.0.1-36A~5.0.0.202106211715) ...
dpkg: Fehler beim Bearbeiten des Archivs /var/cache/apt/archives/univention-web-js_4.0.1-37A~5.0.0.202108311526_all.deb (--unpack):
 »/usr/share/univention-web/js/dojox/atom/widget/nls/sr/FeedEntryEditor.js.consoleStripped.js.dpkg-new« kann nicht geöffnet werden: Die Operation ist nicht erlaubt