Logout Plugin not being called after direct link navigation

I've created my own login plugin to authenticate users with our system and included a logout extension to logout users in our system upon logging out of nuxeo. This all works fine except when a user follows a direct link to nuxeo e.g. http://mynuxeoinstance/nuxeo/nxpath/default/default-domain/Doc1234@view_documents

If you push logout from that page it navigates to http://mynuxeoinstance/nuxeo/logout instead of calling my logout function.

If you navigate anywhere else from that page in nuxeo, it calls my correct logout function when attempting to logout. Is it related to the ?tabIds=%3A&conversationId=0NXMAIN1 it appends to the url when navigating around? Something about going directly to a page and logging out from there seems to cause it to fail. Any ideas?

Edit: this displays the same issues as this post: http://answers.nuxeo.com/questions/5797/permanent-links-and-cas-authentication

0 votes

2 answers

1544 views

ANSWER

Edit: Code snippets:

To reproduce:<br />

  1. Must be previously logged out from nuxeo<br />
  2. Navigate directly to a nuxeo document e.g.: http://localhost:8080/nuxeo/nxpath/default/default-domain/UserWorkspaces/cburch-ikanow-com/7195035322688821592@view_documents&lt;br />
  3. Use user dropdown to select Logout<br />
  4. Redirected to "http://localhost:8080/nuxeo/logout" Error page: "Page Not Found"<br /> <br /><br /> Code: InfiniteAuthenticator<br /> I use an authenticator that implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension <br /><br /> It grabs a users cookies and authenticates it with our REST Api to spit back a UserIdentification <br /><br /> Code: InfiniteLoginPlugin<br /> Our login plugin implements LoginPlugin and tries to find a user that already exists in nuxeo, otherwise it creates one using the users email address. <br /><br />

The logout portion of Authenticator:<br /> @Override

public Boolean handleLogout(HttpServletRequest httpRequest, HttpServletResponse httpResponse) 
{
    String cookie = getInfiniteCookie(httpRequest);
    if ( cookie != null)
    {
        InfiniteDriver inf_driver = new InfiniteDriver(getApiUrl(httpRequest, infinite_api_url));
        inf_driver.useExistingCookie(cookie);
        log.debug(&quot;Logging user out via cookie&quot;);
        inf_driver.logout();
    }
    try
    {
        log.debug(&quot;not logged in, redirect to infinite&quot;);
        httpResponse.sendRedirect(getLoginUrl(httpRequest, infinite_login_url));
        return true;
    }
    catch (Exception ex)
    {
        log.error(&quot;unable to redirect&quot;, ex);
    }
    return false;
}

<br /><br /> I can watch the logs when you follow my steps to reproduce and it isn't actually calling this logout function when you do that. It's not until you follow a link to a second page in nuxeo that it'll call my handleLogout instead of what I think is the FORM_AUTH logout page?

10/30/2013

Hi,

I don't know if this can help, but we also experiment some troubles with logout link (and also other links in the document page, but not all them) in a page reach by a permanent link with CAS authentication. This happen without any modification of the default behavior. (see http://answers.nuxeo.com/questions/5797/permanent-links-and-cas-authentication)

11/04/2013

I think you are right manuek, we have those issues also and they are probably related to using an alternate login method w/ direct links.
11/04/2013



I think I've found the solution to this:

When using a custom Authenticator, sometimes the tomcat session has not been initialized yet (according to this post: http://stackoverflow.com/questions/595872/under-what-conditions-is-a-jsessionid-created). To ensure my session has started I added a

httpRequest.getSession(true);

during the handleRetrieveIdentity method. This seems to fix my issue of Nuxeo going to a page not found after any redirect.

0 votes



Would you have some code snippet to share? Ideally a (WebDriver) test reproducing the issue?

How does your logout extension work?

0 votes



Updated my question with some more information about the authenticator and loginplugin. I'm not sure how to create WebDriver tests, I'll try to look into that here. Let me know if you could use more information.
10/30/2013