Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

SingleLogoutService by SOAP binding does not handle correctly the first session of given principal.

Description

Invoking SingleLogoutService by SOAP binding behaves a very strange way. If I create several SSO sessions from single SP using single principal, I can correctly end all sessions on SP side using SingleLogoutService by SOAP except the first session established.

By checking the code I have found that the issue is caused by the incorrect DDF handling in method "void SSCache::insert(const char* key, time_t expires, const char* name, const char* index)" in ...\shibboleth-2.1\shibsp\impl\StorageServiceSessionCache.cpp lines 828-877.
Error is declaration DDF obj; followed by initialization obj.structure() which do not work as expected and cause all subsequent calls to obj silently fail.

I suggest either to change declaration to
DDF obj(NULL);
or to change initialization to
obj = DDF(NULL).structure();

Not being a C++ programmer, I cannot tell which solution is better, but I have noticed, that the latter is used in the code more often.

Environment

Tested on MS Windows XP Professional SP3.
However I believe that the is not related to the OS.

Activity

Show:

Scott Cantor June 23, 2009 at 12:46 PM

Closing after releases.

Scott Cantor January 6, 2009 at 12:11 PM

Fixed
Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Created January 6, 2009 at 7:13 AM
Updated June 23, 2009 at 12:46 PM
Resolved January 6, 2009 at 12:11 PM

Flag notifications