fix: mfa skipping after logout (!23) · Merge requests · Perun / Perun ProxyIdP / simplesamlphp-module-privacyidea · GitLab

Snippets Groups Projects

Merged Peter Bolha requested to merge fix_mfa_skipping_after_logout into main 1 year ago

MFA can be skipped after a logout in the same browser wher user has been previously logged in. The suspected problem lies in the mismatched name of a parameter holding information about successful MFA authorization. This parameter is set when user logs in, but a different parameter is emptied when the user is logged out. This results in a forgotten value about successful MFA which makes it to the subsequent login and allows the user to skip MFA by reloading the tab in bowser.

closes PRX-253

Activity

Peter Bolha requested review from @433364 1 year ago

requested review from @433364
Peter Bolha assigned to @485456 1 year ago

assigned to @485456
Pavel Břoušek approved this merge request 1 year ago

approved this merge request
Pavel Břoušek enabled an automatic merge when the pipeline for 419ce587 succeeds 1 year ago

enabled an automatic merge when the pipeline for 419ce587 succeeds
Peter Bolha aborted the automatic merge because source branch was updated 1 year ago

aborted the automatic merge because source branch was updated
Peter Bolha added 1 commit 1 year ago
added 1 commit

7ef68d0d - refactor: prettier code style repairs

Compare with previous version
Pavel Břoušek approved this merge request 1 year ago

approved this merge request
Pavel Břoušek mentioned in commit 96cad445 1 year ago

mentioned in commit 96cad445
Pavel Břoušek merged 1 year ago

merged
Jednotné přihlášení test @9008807 · 1 year ago

This MR is included in version 5.5.1

The release is available on GitLab release.

Your semantic-release bot

Please register or sign in to reply