From 730772df6ce83f5f1987cd8a8af69545ddae188a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 17 Dec 2008 14:01:47 +0000
Subject: [PATCH] Adding improvements to iframe based SLO. Now user is asked
before SLO starts.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1066 44740490-163a-0410-bde0-09ae8108e29a
---
templates/default/logout-iframe.php | 248 +++++++++++++++-----
www/resources/default.css | 47 ----
www/resources/icons/silk/accept.png | Bin 0 -> 781 bytes
www/resources/icons/silk/cancel.png | Bin 0 -> 587 bytes
www/resources/icons/silk/control_pause.png | Bin 0 -> 598 bytes
www/resources/icons/silk/delete.png | Bin 0 -> 715 bytes
www/resources/icons/silk/exclamation.png | Bin 0 -> 701 bytes
www/resources/icons/silk/tick.png | Bin 0 -> 537 bytes
www/resources/icons/timeout.png | Bin 0 -> 4002 bytes
www/resources/slo.css | 79 +++++++
www/saml2/idp/SingleLogoutServiceiFrame.php | 46 ++--
www/saml2/sp/SingleLogoutService.php | 2 +-
12 files changed, 300 insertions(+), 122 deletions(-)
create mode 100755 www/resources/icons/silk/accept.png
create mode 100755 www/resources/icons/silk/cancel.png
create mode 100755 www/resources/icons/silk/control_pause.png
create mode 100755 www/resources/icons/silk/delete.png
create mode 100755 www/resources/icons/silk/exclamation.png
create mode 100755 www/resources/icons/silk/tick.png
create mode 100644 www/resources/icons/timeout.png
create mode 100644 www/resources/slo.css
diff --git a/templates/default/logout-iframe.php b/templates/default/logout-iframe.php
index 794b20d25..d27a80bae 100644
--- a/templates/default/logout-iframe.php
+++ b/templates/default/logout-iframe.php
@@ -1,23 +1,73 @@
<?php
+
+ $iframehtml = '';
+ foreach ($this->data['sparray'] AS $sp) {
+ $iframehtml .= '<iframe class="hiddeniframe" onload="xajax_updateslostatus()" style="border: 1px solid #888; width: 80%; height: 100px" src="' . htmlentities($sp['url']) . '" ></iframe>';
+ }
+# $iframehtml = str_replace('"', '\"', $iframehtml);
+# $iframehtml = str_replace("\n", '', $iframehtml);
+# $iframehtml = str_replace("\r", '', $iframehtml);
-
+ $this->data['hideLanguageBar'] = TRUE;
+ $this->data['head'] .= '<script type="text/javascript" src="/' . $this->data['baseurlpath'] . 'resources/jquery.js"></script>';
+ $this->data['head'] .= '<link rel="stylesheet" type="text/css" href="/' . $this->data['baseurlpath'] . 'resources/slo.css" />';
+
+ $nologoutSPs = (count($this->data['sparrayNoLogout']) > 0);
+
$this->data['head'] .= '
<script type="text/javascript" language="JavaScript">
-function showdiv(id) {
- //safe function to show an element with a specified id
-
- if (document.getElementById) { // DOM3 = IE5, NS6
- document.getElementById(id).style.display = \'block\';
- }
- else {
- if (document.layers) { // Netscape 4
- document.id.display = \'block\';
- }
- else { // IE 4
- document.all.id.style.display = \'block\';
- }
- }
+
+
+$(document).ready(function() {
+ $("div#requirejavascript").show();
+/* $("div.completedButWarnings").hide(); */
+ $("div#interrupt").hide();
+ $("input#ok").click(function () {
+ startslo();
+ });
+ $("input#cancel").click(function () {
+ sendResponse();
+ });
+ $("input#returnanyway").click(function () {
+ sendResponse();
+ });
+ $("input#interruptbutton").click(function () {
+ sendResponse();
+ });
+
+ ' . ($nologoutSPs ? '$("div#incapablesps").show();' : '$("div#incapablesps").hide();') . '
+
+});
+
+function toolong() {
+ $("div#interrupt").show().fadeOut("fast").fadeIn("fast");
+}
+
+/* This function is called when users clicks to start single logout */
+function startslo() {
+ $("#confirmation").hide();
+ $("#hiddeniframecontainer").html("' . str_replace('"', '\"', $iframehtml) . '");
+ $("table#slostatustable tr.onhold").removeClass("onhold").addClass("inprogress");
+ $("div.completedButWarnings").show();
+ setTimeout("toolong()", 16000);
+}
+
+/* This function is called from the AJAX response with xajax with the hash of the entityid of the SP */
+function slocompletesp($entityhash) {
+ $("table#slostatustable tr#" + $entityhash).filter(".inprogress").removeClass("inprogress").addClass("completed").
+ children().fadeOut("fast").fadeIn("fast");
+}
+
+
+/* SLO completed for all sps. */
+function slocompleted() {
+/* $("div.completedButWarnings").show(); */
+' . ($nologoutSPs ? ' ' : 'setTimeout("sendResponse()", 2000);') . '
+}
+
+function sendResponse() {
+ window.location = "' . $this->data['logoutresponse'] . '";
}
</script>';
@@ -26,59 +76,139 @@ function showdiv(id) {
?>
+<!-- Proper fallback for browsers that do not support javascript or have javascript turned off -->
+<noscript>
+ <div id="nojavascriptframe">
+ <iframe style="margin: 1em; width: 90%; height: 5em; border: 1px solid #eee" src="SingleLogoutServiceiFrameNoJavascript.php?response=<?php echo urlencode($this->data['logoutresponse']); ?>"></iframe>
+ </div>
+
+<?php
+
+ foreach ($this->data['sparray'] AS $sp) {
+ echo '<iframe class="hiddeniframe" onload="xajax_updateslostatus()" style="border: 1px solid #888; width: 80%; height: 100px"
+ src="' . htmlentities($sp['url']) . '" ></iframe>' . "\n";
+ }
+
+?>
+
+</noscript>
+
+
+<div id="requirejavascript" style="display: none">
+
+ <?php
+
+ $requestername = is_array($this->data['requesterName']) ?
+ $this->getTranslation($this->data['requesterName']) : $this->data['requesterName'];
+
+ ?>
+ <p>You have initiated a <strong>global logout</strong> from the service <strong><?php echo $requestername; ?></strong>. Global logout means you will be logged out from all of the services listed below.</p>
+
+
+
+ <!-- <div class="loggedout">Logout was started from <?php echo $requestername; ?>.</div> -->
+
+ <?php
+
+
+
- <noscript>
- <div id="nojavascriptframe">
- <iframe style="margin: 1em; width: 90%; height: 5em; border: 1px solid #eee" src="SingleLogoutServiceiFrameNoJavascript.php?response=<?php echo urlencode($this->data['logoutresponse']); ?>"></iframe>
- </div>
- </noscript>
- <div id="requirejavascript" style="display: none">
+ echo '<table id="slostatustable">';
- <noscript><div style="background: #500; color: white; border: 1px solod #300">Ignore the logout indicators below. They will not be updated as your browser do not support javascript. Logout will still work.</div></noscript>
+ echo '<tr class="initiated" id="e' . sha1($spentityid) . '">' . "\n";
+ echo ' <td><img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] .
+ 'resources/icons/silk/accept.png" alt="Initiated from" /></td>' . "\n";
+ echo ' <td>Initiated logout</td>';
+ echo ' <td>' . $requestername . '</td>' ."\n";
+ echo '</tr>' . "\n";
- <?php
+
+
+
+ foreach ($this->data['sparrayNoLogout'] AS $spentityid => $sp) {
+ $spname = is_array($sp['name']) ? $this->getTranslation($sp['name']) : $sp['name'];
+ echo '<tr class="initiated" id="e' . sha1($spentityid) . '">' . "\n";
+ echo ' <td><img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] .
+ 'resources/icons/silk/delete.png" alt="Initiated from" /></td>' . "\n";
+ echo ' <td>Logout not supported</td>';
+ echo ' <td>' . $spname . '</td>' ."\n";
+ echo '</tr>' . "\n";
+ }
+
+
+ foreach ($this->data['sparray'] AS $spentityid => $sp) {
+ $spname = is_array($sp['name']) ? $this->getTranslation($sp['name']) : $sp['name'];
- $requestername = is_array($this->data['requesterName']) ?
- $this->getTranslation($this->data['requesterName']) : $this->data['requesterName'];
+ echo '<tr class="ready onhold" id="e' . sha1($spentityid) . '">' . "\n";
+
+ echo ' <td class="icons">';
+ echo ' <img class="completed" src="/' . $this->data['baseurlpath'] . 'resources/icons/silk/accept.png" alt="Completed" />' . "\n";
+ echo ' <img class="onhold" src="/' . $this->data['baseurlpath'] . 'resources/icons/silk/control_pause.png" alt="SP SLO on hold" />' . "\n";
+ echo ' <img class="inprogress" src="/' . $this->data['baseurlpath'] . 'resources/progress.gif" alt="Progress bar" />' . "\n";
+ echo ' <img class="failed" src="/' . $this->data['baseurlpath'] . 'resources/icons/silk/exclamation.png" alt="Failed" />' . "\n";
+ echo ' </td>' . "\n";
- ?>
- <p>You have initiated a <strong>global logout</strong> from the service <strong><?php echo $requestername; ?></strong>. Global logout means you will be logged out from all services connected to this identity provider. This page will show the status of the logout proccess for all of the services you are logged into.</p>
-
- <div class="loggedout">Logout was started from <?php echo $requestername; ?>.</div>
+ echo ' <td class="statustext">';
+ echo ' <span class="completed">Completed</span>' . "\n";
+ echo ' <span class="onhold">On hold</span>' . "\n";
+ echo ' <span class="inprogress">Logging out…</span>' . "\n";
+ echo ' <span class="failed">Logout failed</span>' . "\n";
+ echo ' </td>';
+ echo ' <td>' . $spname . '</td>' ."\n";
+
+ echo '</tr>' . "\n";
+
+// echo '<div class="inprogress" id="e' . sha1($spentityid) . '">
+// <img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] . 'resources/progress.gif" alt="Progress bar" />Wait... is logging out from <strong>' . $spname . '</strong></div>' . "\n";
+ }
+ echo '</table>';
+
+ $completed = ' class="allcompleted"';
+ if (count($this->data['sparray']) > 0) {
+ $completed = '';
+ }
- <?php
-
- foreach ($this->data['sparray'] AS $sp) {
- echo '<iframe class="hiddeniframe" onload="xajax_updateslostatus()" style="border: 1px solid #888; width: 80%; height: 100px" src="' . $sp['url'] . '" ></iframe>' . "\n";
- }
-
- foreach ($this->data['sparray'] AS $spentityid => $sp) {
-
- $spname = is_array($sp['name']) ? $this->getTranslation($sp['name']) : $sp['name'];
- echo '<div class="inprogress" id="e' . sha1($spentityid) . '">
- <img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] . 'resources/progress.gif" alt="Progress bar" />Wait... is logging out from <strong>' . $spname . '</strong></div>' . "\n";
- }
+
+ ?>
+
+ <p id="confirmation" style="margin-top: 1em" >Do you want to continue global logout? <br />
+ <input type="button" id="ok" name="ok" value="Yes, continue logout" />
+ <input type="button" id="cancel" name="cancel" value="Cancel logout" />
+ </p>
- $completed = ' class="allcompleted"';
- if (count($this->data['sparray']) > 0) {
- $completed = '';
- }
+ <div id="interrupt" style="margin-top: 1em; border: 1px solid #ccc; padding: 1em; background: #eaeaea" >
+ <p style="margin: 0px; padding; 0px">
+ <img src="/<?php echo($this->data['baseurlpath']); ?>resources/icons/timeout.png"
+ style="float: left; margin: 0px 5px 0px 0px"
+ />
+ If some of the service providers do not respond in reasonable time, you are encouraged to close your browser to ensure sessions are closed. <br />
+ <input type="button" id="interruptbutton" name="interrupt" value="Return to service" />
+ </p>
+ </div>
- ?>
-
- <div id="interrupt"<?php echo $completed; ?>>[ <a href="<?php echo $this->data['logoutresponse']; ?>">Interrupt logging out and go back to service</a> ]</div>
- <div id="iscompleted"<?php echo $completed; ?>>You have successfully logged out from all services listed above.
- <!-- form method="get" action="<?php echo $this->data['logoutresponse']; ?>">
- <input type="submit" name="s" value="OK, continue back to <?php echo $this->data['requesterName']; ?> to complete the logout process." />
- </form -->
- <br />[ <a href="<?php echo $this->data['logoutresponse']; ?>">OK, continue back to <?php echo $requestername; ?> to complete the logout process.</a> ]
- </div>
+ <div id="incapablesps" style="margin-top: 1em; border: 1px solid #ccc; padding: 1em; background: #eaeaea" >
+ <p style="margin: 0px; padding; 0px">
+ <img src="/<?php echo($this->data['baseurlpath']); ?>resources/icons/caution.png"
+ style="float: left; margin: 0px 5px 0px 0px"
+ />
+ One or more of the services you are logged into <i>do not support logout</i>. To ensure that all your sessions are closed, you are encouraged to <i>close your webbrowser</i>.
+ </p>
-
+ <div class="completedButWarnings">
+ <input type="button" id="returnanyway" name="ok" value="Return to service" />
</div>
-
- <script type="text/javascript" language="JavaScript">
- showdiv('requirejavascript');
- </script>
+
+ </div>
+
+ <div id="hiddeniframecontainer" stye="margin: 0px; padding: 0px;"></div>
+
+
+</div>
+
+<!--
+<script type="text/javascript" language="JavaScript">
+ showdiv('requirejavascript');
+</script>
+-->
<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
\ No newline at end of file
diff --git a/www/resources/default.css b/www/resources/default.css
index b94056162..4c7730d00 100644
--- a/www/resources/default.css
+++ b/www/resources/default.css
@@ -267,50 +267,3 @@ div.preferredidp {
-
-div.allcompleted#interrupt {
- display: none;
-}
-div#interrupt a:link {
- color: #036;
- border-bottom: 1px dotted #036;
- text-decoration: none;
-}
-div#interrupt a:hover {
- border-bottom: 1px solid #036;
-}
-div#interrupt {
- display: block;
- border: 3px solid #036;
- background: #39F;
- padding: 1em;
- margin: .2em;
-}
-div#iscompleted {
- display: none;
- border: 3px solid #993;
- background: #FF9;
- padding: 1em;
- margin: .2em;
-}
-div.allcompleted#iscompleted {
- display: block ! important;
-}
-div.inprogress, div.loggedout {
-
- background: #eee;
- color: #444;
- padding: .2em 1em;
- margin: .2em;
-}
-div.inprogress {
- border: 1px dotted #888;
-}
-div.loggedout {
- border: 1px solid #888;
- background: #9f9 ! important ;
-}
-iframe.hiddeniframe {
- display: none;
-}
-
diff --git a/www/resources/icons/silk/accept.png b/www/resources/icons/silk/accept.png
new file mode 100755
index 0000000000000000000000000000000000000000..89c8129a490b329f3165f32fa0781701aab417ea
GIT binary patch
literal 781
zcmV+o1M>WdP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU!pGibPR5;6}
zlj}=UVI0T(J9f@?Yy$~oL?MENP<s_55<8j=#k?#_)7`z&He=XKi!yRv#z-kGv(##H
zPHpPc=GK%laoJHq%)RMCwPAFzZ|CgAOcEn{;0q5A&*$@du5ke3{wIG76!;E_a;FdK
zvpp$H#^e2A>4-QibtN)VXQDpczE`xXAkUjh%RI>;okxb7K@0kpyQ1k_Y(|Oe7$m(^
zNYX>mI||sUbmn+c<m#Le&eeX{US5M~t}+^~?^x|a<4hF}*!YoT8=u}L$nm5IGu=t+
z9L!Cu36!D2Ujog{8R*!Qv#Iu-h5hwCT%4+a*g~$0uam-<K;}*|sK&CQl{uILRo+uj
zOcz2iRRHx=A>3<&FnE=4u#()KBS^SH8e)Qs5i!#lY=$-1gbH6VluzU=m=EP78&5vQ
z-?+fFP-G2l&l_QzYealK$;1Rl?FkzXR&Jv<pn=v~#I9rjiy!8pnkdBB+E5h!vH2Zs
z&o03*QH;J|Cj>@fBPNjCr#AYRyJ7UJQ0v#?)7Ott=>3<sG1xL&549^BdiQDc2Rk6B
z`CZUMF*oL$(7tdPx=A_AzG_6ieU8GLKR01{dI4q5ENECkOP~(zUNfjFVrvVjw*&_H
zKpN~TcTqhdhuVD-b<^codbfbK*#?vj9*4ql0y<|7?610!ZaoaDlGr-LWGi2|kG&eR
zM}vpV9aN6yK|7oS)sPHI2Nw>`#-pV!7>9}>Q1jL)H6h&gkP@3nI=+F3nA~M>u#(n*
z8T!#8oEw&-mED4!h4s!N@Jo3S7N&Q6%6l3}nlcd~X@>;uelvPsSkXIgg~e+^T1zSf
z3SNj(5%jK~i8@b;C<CFVY6wQ4<%I<*UYM=Ou+dYcgy^ro@n7=`XV9$WdAihN00000
LNkvXXu0mjf{u*Ke
literal 0
HcmV?d00001
diff --git a/www/resources/icons/silk/cancel.png b/www/resources/icons/silk/cancel.png
new file mode 100755
index 0000000000000000000000000000000000000000..c149c2bc017d5ce5a8ae9330dd7dbd012482e0f4
GIT binary patch
literal 587
zcmV-R0<`^!P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUz-AP12R5;6}
zlWS`lK@^7fYe*m=DW)`pmR@6<ps1n7m=rW+jY^x^OQdNiz0u46%!gbcf1|{ept8=c
zyE{*3RyS3YmeLO|3&Xz8nfIJC24MV;#t#j{3Xca0MrHjOU>FS^-G}e*;M)Q6>s#cP
zI`Y#S<cC-I4{qZbMtd?KGXFRPvxv-Okf{_wGD)zuhM&*kA3mpd?<PY3I|3LsAJpOe
z99gRoBoYLxtN4`)^6U(+TEg4k#l5qPJ%B`j{*_f_ZKl(KW)r_!#V?n^QqkLO<jD!W
z#6x;73Uos25FpH(P800yh2{tnN}Cm=x4n(CxQP4g39Vs(?y&s4|2wa`a%2pp%<k3}
zPArC4Siq^|CjdUa?&poi@k^x<fUfT5a)|kPy0f!5rR+E$cwfU`S;05WtIYbV&9qv`
ziwlIBj6FS#^K_ldVSuLrYDC`S6!P@6U$xP|-Q2|4*a*#1L4u<ry35xQ#q=n^RU4+~
z>($G6W`W@NI5g|L-MKl0Zmu$m^(0~^Lwo5OO~d#(vPfz<EIr@e%N^YK-K)Iz%nbI_
z6!uaqtlSzhkFBy=4$HoE1Gk#T+0EgY*)XptW)Owcn0ex3Qr)$5ha+7M)a<MI_t*H3
Z`UU5exP$$k-M;_;002ovPDHLkV1l3E9Q*(P
literal 0
HcmV?d00001
diff --git a/www/resources/icons/silk/control_pause.png b/www/resources/icons/silk/control_pause.png
new file mode 100755
index 0000000000000000000000000000000000000000..2d9ce9c4ec4b787b77e2407809c8887b6252dc6e
GIT binary patch
literal 598
zcmV-c0;&CpP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUz=t)FDR5;6}
zQ$1?}K@c5-D2ga@f;NJM)qz-OVX3`s>U3VE{tZoOXQ3gborPd)C!*bfsFfgUA%b`K
z{k54{z0H}ACRrHvW^d-rdyicUV+{VYtX~gCqfs0|(-=vN2o1PiuPW{>+#Atov}dlj
zm>FQRf_YAoB-!b7g57TC=llI0*6TIQX0twmlwz@1Su_y<#c()O27`fy#f%p1x~?-#
z)7Wme<7b=AhIKj}t=(=bMjvNzr~MuZg=Ct#TCD`Id5F*FgY9+;-ENndyrfd8-V+sI
zk|x?lbD>axN~J2Ai^W%{R^I>_0Z9u6gEF#73lqsO`axO|3~qzj{hRS`0}LC%>-AD?
zlFkeU5t@ED93Che0EA(j5rE6(g7f(t5ddbb)O7oPG}&BpJRae6I)RyiO6J&XwmSe5
z5<c@=Gf7=8mjs{+fXn65B7+<b2QQK&--85l-(W#C)9I8Xw1kPMy)hn-pHZ9a_xnLn
zGUA@l1<GV@x!diA`Fswls`fE$2nLBnqKB@Q@RI06&*Slc)oSIY(oR9mcoU)7Z0hJi
z2|;_`u5!IzS5R9n91hEYK!5|GJXkCiFqusFWXwzXe7^kSTcA~|)#6AyjX?Y{p;m4(
kMhlrVvf1qKkLfS#12*8L_X&wQJOBUy07*qoM6N<$f+|S}7XSbN
literal 0
HcmV?d00001
diff --git a/www/resources/icons/silk/delete.png b/www/resources/icons/silk/delete.png
new file mode 100755
index 0000000000000000000000000000000000000000..08f249365afd29594b51210c6e21ba253897505d
GIT binary patch
literal 715
zcmV;+0yO=JP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU!T}ebiR5;6}
zllx0kVHn5#Tecsf1c`2hgi%nK^D=kV+T5njvrLa$EMjSnone|mjm2E}L#U;8)yiKo
zO>C4}Mrzlg<+1Y8PEBfUp0jJpx4B>@E+cy3`^(Gw`Mf+2&yxZm<$to~Vpgvg&QKNR
z_f#1(r6svZt%iF?s+n<8X?B&!h3g9Dbb8_=MX}!;HiQSAh`bp^WMl~Z-44teO7W_Y
zV4thSL{h;rJY7!l3%5J4H1!tIzB`Dv+YxO(haWeausGZYkI8^hWj6mzo=L0{%;<E2
z80_Y*w_}NMA$su)e0B@`wrYegSP*HT5w@N{_}&f79VIb*XrKGBY>yxzh{5!Htr?51
zvG|W62MzC8BZ76hRpCyO2zOn<%e)K>NHge!-~)Ap33OdWw6hsLYbCxGNt0%wk_2z7
zfyYvXheSG)5HRK1VB~%mq7Dmurw#bi@hEcOr3&G1ZiF*$M=&9nB#VNf&Q^r$4G5kp
zTURh&s)E0%5&hyVD}sp<72~zmAY`Y(9aqO6CXF%=zFHGzO-A&I(pE}v70YQxCPJ{Y
z4L+?5-crdLn3ZRPEs!A4ehEY3ZRpL~w9>@aMN+{F4dI@v&>(QDHQum!mG~E^$OS8l
z!7?%Uwib*ROP67Hw`ika)gX-(<Pal@1N`)16#~~<@x7jghg9OTS^;mJ8T{oIOsMnG
zla<QHU?S-#Kb7w%o*dlEj!JgnOSKW+hV$`!syc>8Ia`-u_IEhxG7U<13kSsMW+$<e
xd62)I>lbb2dUMm5p6pa}cjgA+U$^mJ^AjD?&bdi)8~y+Q002ovPDHLkV1g8IMc@Dc
literal 0
HcmV?d00001
diff --git a/www/resources/icons/silk/exclamation.png b/www/resources/icons/silk/exclamation.png
new file mode 100755
index 0000000000000000000000000000000000000000..c37bd062e60c3b38fc82e4d1f236a8ac2fae9d8c
GIT binary patch
literal 701
zcmV;u0z&<XP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBU!Pf0{UR5;6}
zlgmq#VHCz6ztjnp=~F?R5pQFPl&gp~;l?gdL<B>N#0$9Ug7g<e5Ea#;%|NSKc)@5f
z;7$;Xq9UY)Lyb<UqnJ8&8J!fJX6Aj*^R}?Q8M8KZcJJYw-+2!2dGd@g_@BuCJt4QR
zG|-rKLw1p@BngtANcK}WWZ&tJ=GN!sDp0pB`wdNCE3eQ~*sve@ZufS6V;#vz1Xgl=
zg_Pck`%i+q0GXSY{D$mHSJV_2H8nzF3t(&k0AP7)V0mk?F%>~-`rQ^qx~m@y2OU8A
z#zh~=7n#Z$Z*fx-GOtDf07cgx0suCz_W(2~Y(0tf@FX@P6EPuM_dgn$vj9LucO)%W
zw%HgMW>=#oL>nZ>M&NEf08>)#)k<{$fCT_r>rPi=BV=hFh6WS^qqze>C6Ek}o{M5%
za|@JGow<Oj0^5dOoQKhLCOSWpAw+HGQ?pSN*k#a4S7iZ8!-#Pje@#@=;p__PCqxJc
zp|wJe0=1luufg)vI#NXu-(QYlbNI0{or=h>u0t{&hgNzySHZxy@LTNh);YzZ2zSp_
zl$^T&Dnc|NLb&RD_!4>pt@VHdP)ZGER%5ZmWEe$lryR&y;2u^3cOkO<wojkI*Ki1l
z#hIAadT_@fO?4jgQ>4#6c%-<rxdo~DIizNzFvh@D?}Mw}hj=)IkFQ6!NOre9eIML)
z%AxZ|{Xz!zmU%tpEr;N;OJNL<O041Y#5fX5vnwQfk3ahm{G%5DVEpXi29oU*c9F8v
jOytms=QDpd)4#+ImC>(EY6a{600000NkvXXu0mjfxS2AI
literal 0
HcmV?d00001
diff --git a/www/resources/icons/silk/tick.png b/www/resources/icons/silk/tick.png
new file mode 100755
index 0000000000000000000000000000000000000000..a9925a06ab02db30c1e7ead9c701c15bc63145cb
GIT binary patch
literal 537
zcmV+!0_OdRP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004XF*Lt006JZ
zHwB960000PbVXQnQ*UN;cVTj606}DLVr3vnZDD6+Qe|Oed2z{QJOBUzt4TybR5;7M
zli4mqVHAaX=Q!_TZq*o5LaK&TC+g@aMJbINs;8}1t3yf*$E6r*j>Hs{AQG2a)rMyf
zFQK~pm1x3+7!nu%-M`k}``c>^00{o_1pjWJUTfl8mg=3qGEl8H@}^@w`VUx0_$uy4
z2FhRqKX}xI*?Tv<H&*Dj)Tr<j*}f%KtVns|p$^k=7pCG)bZ)nz(p!uYhmcBtGG4MZ
zhBKz;vsk_?<x?$B#+(Sm9B-A&-Qq;?SOJwD!Fa)z^`0_M+_eepu5##IOknYS`&tC<
z#^ArRgWXi2%vG2uvgcE2i2di<+TKw6qc6;1IyMf?mMlSF4apWIQ-(bTzNj7ETMiu?
z3Y3nE5@K5(^<j-YCz?$CVH?a>1DJd8z#F#0c%*~rM30HE1@2o5m~}ZyoWhqv>ql{V
z1ZGE0lgcoK^lx+eqc*rAX1Ky;Xx3U%u#zG!m-;eD1Qsn@kf3|F9qz~|95=&g3(7!X
zB}JAT>RU;a%vaNOGnJ%e1=K6eAh43c(QN8RQ6~GP%O}Jju$~Ld*%`mO1p<rCAIZx2
bmuq|lzM`o-QVIh|00000NkvXXu0mjfO@{7Q
literal 0
HcmV?d00001
diff --git a/www/resources/icons/timeout.png b/www/resources/icons/timeout.png
new file mode 100644
index 0000000000000000000000000000000000000000..460f7d152738827cada13920c5c602ff3280a6dd
GIT binary patch
literal 4002
zcmV;T4_)wyP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00009a7bBm000XU
z000XU0RWnu7ytkdR7pfZRA>e5S$%NT)tP?ocW!RJKS&6H1Q3KE9}*NnK&aLg7gy_0
zyWMV?ZgD8?hwV7C+udnhvDhxPyLD#QPQgV{gzdClq1Hw1pcP$3-KvWkz@R_~gnX0S
z+}xY{efN2O;e_A4Nd$Fg`cDsYIOm?<`FNi9eb0N|a{~M!{eC6j`2Sjd6Odm4%;J2P
zIf3b%xQe-eImNb+2WVyc@jT!ImMwP-w}0m4KNEpp0NxH@Wg1wU0j_fabpfZ-mmdhg
z>+`|oa>0?wAe~GiH8g}FX0i#Azz1&N*(9)M9nkbySbQo1Uj$rB02a8LV3t%A7h~d#
z8K|zSLupYFJOu3`Xh)jVoK9p&B;)ZSmP(?ps|&p!eT2S~ClQXv!zA)F=Xhu>@Ybgx
z@`(vN1T3T!f53(RsFr}|EMAN%5=eJ+V5qwraiT~U7r{|l3gppXQYmCYgUIlko22~I
zOrX9V$-+XklgODj-oQXG7@_vIdVvSl0DYf?$R{H3Ah3axZ>g@RD81^28!(Zk5<Yqq
zLj>blc^&*qu7QV|aFvz8;cyUp3J(5DQ}U^36v?(W#NK-kvERM~=iwtLoiqu)>C@42
z=n&4l`YNLF_}iTSuWke0yi^jGL|_}>2?9T&l)gD<(IQ;4WC@1eejA~pLKNL~7XqtR
z!c|yot(gi1kv!9euEY@9SuZXuLfz!4aLANM$}%UKR{X?C4DQ|yJoh}Rue=gTn%?0(
zd(hY3E)8t_6M$Rn;_0FUHgTio1KX(HuPwgmCd{SO+Fw72ybT*rvi|FE6%+x97^0M7
zXwP1R_rHKxPY*h_+>caw8BHjOD`w9}X=$0Ikqq~Tl|{(orbgaJ=>E+pi9}GkY#EyN
z?nP&Fvn+7~&FP7YQJ_%APxLH~-vR$Zd*8Th%^J+2shmA>7-d_3isH3v;q-E2zVkM^
z{`TAG`ul%C_`m@q+uM<$w~4M=j?|<YxM@N))iv<Z_66Lej5c^830GAWd~5y~11C=)
z`uuM&{kGc>?d^3%dU|gB3h+L4bj*wytNd630pL!m==+PWza9;=>-LrwOxU#({sjx*
zpiTGv+rv2f_4SrHL0*R|Sedr(J@g)&on5G3un^_58Z1{T09hnNh<)X$e5+PrXmAh_
zYGB%}w_>oh)iV?fuA-aWw+rYQ3%uIKCGgKc1E>CvnGFs8r38HT-FH#B^Ks<Qng!>;
z06M;P54!(p3lNK0pmP^+hC=W)9YN*l)$q)n3lX#@L&Pd&RwBKWd#j@p$(LWoWR45I
z|9(Lt9>4q+;OD;_=is9Y9-TH(CR}cFX+c5R^3Qz^ov*!$k_WfIPw?Gm&*G)^cOtZX
zJH{Mrn@$Fkp>(--FP@~0cpQOyzJ>nkDkM&wLjBD*gM07uJmLR*ya~p{K+{>t54ScF
zeCC4>;QYcD5MbR&DR$5eZur&HplyQT0mhslXEnJ}xmBf)Ex9k`tpfLc7ah&bsHm?;
z*=3i3yXD*afnhh7Gxw<VDF+9o|IG;%6|R|+C!;SCM#*2^g$!*zL33F^BD?nP!Be%h
z_#r3b<m1~Rzh#m%#7k1ad1Mrln+K%hPrrn7Z@q=d+<$(DV<t7h!+LZYMSzFZOm@5e
z3i|q3^D+4DxC5>VDp6j8DZvF+&?Eik`R8zA=~CRowgF~oW6WgpJY#+zqfx^0-F`dz
z!eInTN>Dm=ss!~_3U?IVQ4Q>LOL1Oapnl2}1VaPJzh#Xjefy>x8j7HP_H69?^{-L$
zl|RFs1aXqtHwGB1Nt^UMkxMGs*U2*^bKP<b9y^Be#zrAu{0cB9cZpmA4l@0G6-~!S
zFOr@;3-0Rb5$W3(kHw-06c^%&9gpFQo9@G1ZZ{5cc1AxriQscuF6Cz?kzjbT68)!7
zqmaTZ^m_9Mc6sjDECN3QD%oM~q-oO-WpL)b>MF}e3%DJ;`JJRW$*?xxw+RnC_9*_5
z>el%$O=x17mDlB_o9C&UGY3Cq%{l5f=XNnpic&CcMzj7(LBn<W&z`afP*Sx#b*oEh
z^U+`s9%?|6kmpd&1)<+*`tN8og0Fpb9d`d}51!zn4{?Pd=Ko=ShS6qcdpo>5wR6V{
zh}!JQti=xigT*vY^F)6?@_1qs?2N;diM@Xo0e+b7b2=S?{CvbEfr%5X17?6hS%0u^
z1VEY_+5*o~b>&E85Gz-#z_a`Q3rCh+Yq^ZAJOFnz9mdT!+=%BGw0#^2Lqz*4G&o?*
zsS_GCB+%D~ya^M8yD9`QPQQ>S@C%8Y%cU+ar5&ZjoQ&stdb@G_cr!BT4C?EqVsdTW
zD5;qlA`Hl8U4A*PX2e=EsTSKGc?1&1u3fuuAI+?>aUqHrb;|S%U{gx+p}`PZT8~@b
z%gZWIHDx-ze=$-mr{Ll|Oocp6tcqDPO9T9o?;>kuE9_+{=_{^JXVU2Frxr*=iz*xG
zn^J8ddai>9U&n^^>rp@xi1Tz^%fQd$@!;rD9*Ua#{CImQK+<A@CaV+<4|0B<AwI8V
zrcUk!g4g!S^4PfqVw~ODm<qCVmz5;^{(LK%teQ}55i#KH08E?i!Btfg(9Dxmb-&+_
z&dyGPi=d1Fp#_R4%vganV+(nw$j=YJO|YfKycCfvqA@r*4+m-wBv>P>3n|xx2DB;F
z!$~)p;-UrI2Mx2XumU!(*Jo*CWTUa47Plu!dI=A~O`A4ZplfKu4?p}cmM>q188a@k
zBy7OvmOjoum1dLV9m3`0J(^fD+`ujhAx<pRK!kv!_Vuy|kYP)LgNAq#dfXnQ7`UZL
zK$8iyOvRoAK<y?;a;>ec*s<er^!D~*FGJ%Jy4KrozYXiwtsAlZT;OKB=GS~~x?a^Y
zv;Yu;cS02gc^)wJaJ7EZUu6~ns^=7k1PA*1iYJwppzp|0c(1-X%at0y2E0lowJUGl
z{C#}*;fJ{P+H3LDQ@`ZBKF_lID21ZElnZ{m-<%9--VdB@Brv-Hah^*|t@F7(R52-Q
z5AYOiC&T8hmKOMHYLR3xWvP)M?F(7bVVf!S&Bx8QZ{I%b-n|<I1qJxt_wKjsKgIx1
z??Lvy_PNHb)BaP(kHb&WX_86sIfmGD*k`3I0^i^!VZ(oSlK?8p;bJhCpb8b!n}rMz
zdnw7E;YI%5d+)Q%<nFuw28$LoTEI0<eNBHe&qYg`WAdc~C}Cte#Dg##4yQ@rl`Qo9
zkwris+3@taU@+N1m6h^sC%W%hIxY|0=V%ZHln$sTpWJ1cP9p=ajT<-ebdFl2O`nSb
zKCfkA(CbB-4+E~(UPDns1A_0oBgfKA0y^BY(kKG_s!s1VA3TVn`SX$DOGA?COP|+*
zk){ErQoeoxPu<n4Z^D)>KcFl051$>{h&EF*W9@BY)+vw#9YA?OA(EUs!nY@ae`*oE
zP!@Xr7)9W2-g4P_Tl<L<=%Nd&q!$VQ`}Pqn*cUW_B<&R|mSgA6Copf`JWKk9p!(a#
zn7V+NZ&`Kv{1i>t`Ja1G!Dp79S6;zjEGEzMxccQLI-XI<QA=;c7o9aj9UYZ(czFpi
z?oUmvx1vKja%+GVw<mcRg$OE58WSKtn)Xp8O-H60`_6Y6veY8OebB|V`_t)1m-2yu
zLn+(rluJMz{CwX_^BrM;cY-x8kH;~S2UFLM9dNRADy)@%X38aDHIC74v|+}Waaja3
zj(aWo;~%5^#7R^zFg*R_lL!Wbr};AYckf;}z%EFLV{!@j*rs5q=ry2i8DqitsZ$MQ
ze2u8#f!56lo!49gC&O*)kkO*&O~hWxD=CKR=xno2-aMb5J%^LMpIWTnlDuB&ezFxs
zFT98;jGfw^c?Q9wN0Y?y0Po)a%dU!nbdrj|2njm@?FU_`w3<ldo!~qE{7j}X)Z9E_
zB7s-(owH~Aqx>_*<#5uyS!V=Qo|}@%1Wvb|LWH4lI1)m>pMNjl^ZJ;YkcZ<&jsEaK
z6!Sf(?#o|B7w!HWa}&*G1K)%=zrYK$oq%P-b^@wP10tcE-$wy;14m{ilZ}){aTRZ9
zHTCuA-}VUNjFnt-ctzz&JJw;x<9sA;DlROs0yHCi&OLm#@VPPB)Pw|WzOt(uwUm4(
zf%op;4_;jM6Z|9GaRMsvvRh@<wGl@VkOoA+WH0Ofv$VZ-YGPVEK0DOZR2ty@bn42L
zNWb_Z2B_wAARkWNp?T~MKc7$|GNC+Qo)t|hs>}}*46i0vEQ#~GV*JF`ZSZY>3{&RL
zLkUBcHg4D+YJv9h!e0ZA^70ZR27%UNuRtrCx}|#iu9gN0m;>iaQ`c|bG+@#<fWKh5
zsE*I!4ScC~GeYcs^Gyu6T}ac!T-1<@_i0`P;G}dZ_TdANCX!)a9Zo5}M&tE2;5+^i
zD(mV|yl^2x4AeRqhMa3_i@(fU=y!OSQp|%~SAJiykLvbPb!j5YEm<CjZH9nKlSL+v
z3=1~`H!TKMR|NurT7s@4XdgFnh|eD(9{EFzeNw!2Ni%5@py9(w0<M7&JdBA7%F9v2
zKZ4}(nLf+|viraRgbp7@dnR*wCl9Ni0q<}vN!ftU1uinWa$Cu+0X5jQAn@AE_EH<%
zdnNDAUm}ru;L38p-&0ONReZoLAt(<|Q3gTWm<jF;YM*A~AQ4?p9n^{*3kDdZ4e*IF
zLdl;?r~BSukoK>@Z@Y$Hp$&LLz?6oFep}LKnWX{!R??0)k{1D!1zvTPv=8Jh<DXP-
z<bzW^a778jKfc`{z+0D}+08qwTV$vKd6^VnwBx)Z#7H2VPA7YTGlzgfzW{!Bj8QP>
zlYPtP1yB-JY0n~{tUWQ3ay4K+=$>GJ8_)u7vb>Z?h^(gyC~E{J&m$o|gH`iyHs$OX
zAbfq#P+V~$B6Re&0;k{PLms8xM#S8w79fGwO-ote?b%LZMDpxorSS;pqmx-61zIEo
z+GMqxOq|xmNam+89#(X8d5K=XGZbrzD2#+9LF3QWCX-Q?^hH3W2&gXbs;ezKc433k
z#}OFrF}yDXHW$2rD_dG%DXl3RBAQ#-EUZ$%ML?1ic+~~okP}ct#E`MvCELeLmqNe{
zlr#m<02e6(UZsGWtiFZ-s}>1EK;V@HUfHe%qY1Se;;fFJJ_!N)EE*@UM(RfLhJe0{
zggr@;0+ma^5Ha8FV=h|%v;@YQSaaoOdp~0eB4M)q`=_e^A2uwGuXp#_egFUf07*qo
IM6N<$f@+kTVE_OC
literal 0
HcmV?d00001
diff --git a/www/resources/slo.css b/www/resources/slo.css
new file mode 100644
index 000000000..7bf8578ef
--- /dev/null
+++ b/www/resources/slo.css
@@ -0,0 +1,79 @@
+table#slostatustable {
+ width: 100%;
+ border-collapse: collapse;
+}
+table#slostatustable tr td {
+ border-top: 1px solid #ccc;
+}
+
+
+table#slostatustable tr td.statustext span { display: none; }
+table#slostatustable tr.completed td.statustext span.completed { display: inline; }
+table#slostatustable tr.onhold td.statustext span.onhold { display: inline; }
+table#slostatustable tr.inprogress td.statustext span.inprogress { display: inline; }
+table#slostatustable tr.failed td.statustext span.failed { display: inline; }
+
+table#slostatustable tr td.icons img {
+ margin: 3px;
+ display: none;
+}
+table#slostatustable tr.completed td.icons img.completed { display: inline; }
+table#slostatustable tr.onhold td.icons img.onhold { display: inline; }
+table#slostatustable tr.inprogress td.icons img.inprogress { display: inline; }
+table#slostatustable tr.failed td.icons img.failed { display: inline; }
+
+
+iframe.hiddeniframe {
+ display: none;
+}
+
+/* From old CSS
+
+
+
+div.allcompleted#interrupt {
+ display: none;
+}
+div#interrupt a:link {
+ color: #036;
+ border-bottom: 1px dotted #036;
+ text-decoration: none;
+}
+div#interrupt a:hover {
+ border-bottom: 1px solid #036;
+}
+div#interrupt {
+ display: block;
+ border: 3px solid #036;
+ background: #39F;
+ padding: 1em;
+ margin: .2em;
+}
+div#iscompleted {
+ display: none;
+ border: 3px solid #993;
+ background: #FF9;
+ padding: 1em;
+ margin: .2em;
+}
+div.allcompleted#iscompleted {
+ display: block ! important;
+}
+div.inprogress, div.loggedout {
+
+ background: #eee;
+ color: #444;
+ padding: .2em 1em;
+ margin: .2em;
+}
+div.inprogress {
+ border: 1px dotted #888;
+}
+div.loggedout {
+ border: 1px solid #888;
+ background: #9f9 ! important ;
+}
+iframe.hiddeniframe {
+ display: none;
+}
+ */
\ No newline at end of file
diff --git a/www/saml2/idp/SingleLogoutServiceiFrame.php b/www/saml2/idp/SingleLogoutServiceiFrame.php
index 1142ae0a8..d92160e4a 100644
--- a/www/saml2/idp/SingleLogoutServiceiFrame.php
+++ b/www/saml2/idp/SingleLogoutServiceiFrame.php
@@ -1,7 +1,7 @@
<?php
/**
- * This SAML 2.0 endpoint can receive incomming LogoutRequests. It will also send LogoutResponses,
+ * This SAML 2.0 endpoint can receive incoming LogoutRequests. It will also send LogoutResponses,
* and LogoutRequests and also receive LogoutResponses. It is implemeting SLO at the SAML 2.0 IdP.
*
* @author Andreas Ă…kre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
@@ -90,6 +90,8 @@ require_once(SimpleSAML_Utilities::resolvePath('libextinc') . '/xajax/xajax.inc.
*/
function updateslostatus() {
+
+
SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutServiceiFrame: Accessing SAML 2.0 IdP endpoint SingleLogoutService (iFrame version) within updateslostatus() ');
$config = SimpleSAML_Configuration::getInstance();
@@ -117,14 +119,19 @@ function updateslostatus() {
$spname = is_array($name) ? $t->getTranslation($name) : $name;
- $objResponse->addAssign('e' . sha1($spentityid), "className", 'loggedout');
- $objResponse->addAssign('e' . sha1($spentityid), "innerHTML", 'Logging out from <strong>' . $spname . '</strong> successfully completed');
+ $objResponse->addScriptCall('slocompletesp', 'e' . sha1($spentityid));
+ // $objResponse->addAssign('e' . sha1($spentityid), "className", 'loggedout');
+ // $objResponse->addAssign('e' . sha1($spentityid), "innerHTML", 'Logging out from <strong>' . $spname . '</strong> successfully completed');
}
if ($session->sp_logout_completed() === TRUE) {
- $objResponse->addAssign('iscompleted', "className", 'allcompleted');
- $objResponse->addAssign('interrupt', "className", 'allcompleted');
+// $objResponse->addAssign('iscompleted', "className", 'allcompleted');
+// $objResponse->addAssign('interrupt', "className", 'allcompleted');
+
+ $objResponse->addScriptCall('slocompleted');
+
+
/**
* Clean up session object to save storage.
@@ -269,6 +276,7 @@ $session->dump_sp_sessions();
*/
$listofsps = $session->get_sp_list();
$sparray = array();
+$sparrayNoLogout = array();
foreach ($listofsps AS $spentityid) {
// ($issuer, $receiver, $nameid, $nameidformat, $sessionindex, $mode) {
@@ -276,20 +284,26 @@ foreach ($listofsps AS $spentityid) {
if($nameId === NULL) {
$nameId = $session->getNameID();
}
-
- $lr = new SimpleSAML_XML_SAML20_LogoutRequest($config, $metadata);
- $req = $lr->generate($idpentityid, $spentityid, $nameId, $session->getSessionIndex(), 'IdP');
-
- $httpredirect = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
-
- // $request, $localentityid, $remoteentityid, $relayState = null, $endpoint = 'SingleSignOnService', $direction = 'SAMLRequest', $mode = 'SP'
- $url = $httpredirect->getRedirectURL($req, $idpentityid, $spentityid, NULL, 'SingleLogoutService', 'SAMLRequest', 'IdP');
$spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote');
$name = array_key_exists('name', $spmetadata) ? $spmetadata['name'] : $spentityid;
- $sparray[$spentityid] = array('url' => $url, 'name' => $name);
+ try {
+ $lr = new SimpleSAML_XML_SAML20_LogoutRequest($config, $metadata);
+ $req = $lr->generate($idpentityid, $spentityid, $nameId, $session->getSessionIndex(), 'IdP');
+ $httpredirect = new SimpleSAML_Bindings_SAML20_HTTPRedirect($config, $metadata);
+ // $request, $localentityid, $remoteentityid, $relayState = null, $endpoint = 'SingleSignOnService', $direction = 'SAMLRequest', $mode = 'SP'
+ $url = $httpredirect->getRedirectURL($req, $idpentityid, $spentityid, NULL, 'SingleLogoutService', 'SAMLRequest', 'IdP');
+
+
+ $sparray[$spentityid] = array('url' => $url, 'name' => $name);
+
+ } catch (Exception $e) {
+
+ $sparrayNoLogout[$spentityid] = array('name' => $name);
+
+ }
}
@@ -396,8 +410,10 @@ if (array_key_exists('name', $spmeta)) $spname = $spmeta['name'];
$et = new SimpleSAML_XHTML_Template($config, 'logout-iframe.php');
-$et->data['header'] = 'SAML 2.0 IdP Ajax Logout';
+$et->data['header'] = 'Global logout';
$et->data['sparray'] = $sparray;
+$et->data['sparrayNoLogout'] = $sparrayNoLogout;
+
$et->data['logoutresponse'] = $logoutresponse;
$et->data['xajax'] = $xajax;
$et->data['requesterName'] = $spname;
diff --git a/www/saml2/sp/SingleLogoutService.php b/www/saml2/sp/SingleLogoutService.php
index 6063df685..6db72f0cd 100644
--- a/www/saml2/sp/SingleLogoutService.php
+++ b/www/saml2/sp/SingleLogoutService.php
@@ -22,7 +22,7 @@ if (isset($session) ) {
$session->clean();
}
-
+# sleep(max(0, rand(-5,15)));
if (isset($_GET['SAMLRequest'])) {
--
GitLab