Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
Description
Clicking the "logout" button causes a redirect to a page which causes Jenkins to automatically login.
When the plugin is configured to allow READ permission for Authenticated, but not Anonymous, users, clicking "logout" has no effect.
Similar to JENKINS-16350 (GitHub Oath plugin)
This is what is really happening when you "logout"...
Jenkins logs you out, redirects you back to the Jenkins page you were in.
Jenkins sees a new you, now anonymous. It decides to authenticate you.
Jenkins sends you to SAML server
SAML server is configured to automatically log you in (aka "remember this website")
Jenkins logs you right back in.
Attachments
Issue Links
- links to
