SLO doesn't destroy wordpress' session | WordPress.org

ivanshymanovich
(@ivanshymanovich)

7 years, 7 months ago

Hi,

There is an issue with SLO, plugin doesn’t destroy wordpress’ user session, when user is logging out from another site. SAML logout request is received, and response is correct, but user still has session token in his meta.

Executing wp_destroy_current_session() during logout request handling fixes this problem. Hopefully, it will help anybody else, but it would be great to include this fix into plugin. Is it possible to make such update? And if yes, when can it be done?

Thanks!
Ivan

https://wordpress.org/plugins/saml-20-single-sign-on/

The topic ‘SLO doesn't destroy wordpress' session’ is closed to new replies.

Tags

saml

In: Plugins
0 replies
1 participant
Last reply from: ivanshymanovich
Last activity: 7 years, 7 months ago
Status: not resolved