user_saml

Using environment variables: user is still logged in when env vars disappear.

Open smoebody opened this issue 2 years ago • 0 comments

Steps to reproduce

  1. add an http-env-var which is defined as user-id
  2. open the nextcloud-dashboard
  3. remove the http-env-var
  4. reload the nextcloud-dashboard

Expected behaviour

I would expect the user to be logged out when the http-env-var with the user-id is gone (e.g. because the user is logged out in the service that provided nextcloud-app with the http-env-var in the first place).

Actual behaviour

The user is not logged out when the corresponding http-env-var with the user's id is gone.

Server configuration

Operating system: Linux 5.18

Web server: Nginx 1.22.0

Database: PostgreSQL 14.4

PHP version: 8.0.21

Nextcloud version: 24.0.3

Where did you install Nextcloud from: Docker-Image

List of activated apps:

Enabled:
  - accessibility: 1.10.0
  - activity: 2.16.0
  - bruteforcesettings: 2.4.0
  - circles: 24.0.0
  - cloud_federation_api: 1.7.0
  - comments: 1.14.0
  - contactsinteraction: 1.5.0
  - dashboard: 7.4.0
  - dav: 1.22.0
  - federatedfilesharing: 1.14.0
  - federation: 1.14.0
  - files: 1.19.0
  - files_pdfviewer: 2.5.0
  - files_rightclick: 1.3.0
  - files_sharing: 1.16.2
  - files_trashbin: 1.14.0
  - files_versions: 1.17.0
  - files_videoplayer: 1.13.0
  - firstrunwizard: 2.13.0
  - logreader: 2.9.0
  - lookup_server_connector: 1.12.0
  - nextcloud_announcements: 1.13.0
  - notifications: 2.12.0
  - oauth2: 1.12.0
  - password_policy: 1.14.0
  - photos: 1.6.0
  - privacy: 1.8.0
  - provisioning_api: 1.14.0
  - recommendations: 1.3.0
  - serverinfo: 1.14.0
  - settings: 1.6.0
  - sharebymail: 1.14.0
  - support: 1.7.0
  - survey_client: 1.12.0
  - systemtags: 1.14.0
  - text: 3.5.1
  - theming: 1.15.0
  - twofactor_backupcodes: 1.13.0
  - updatenotification: 1.14.0
  - user_saml: 5.0.2
  - user_status: 1.4.0
  - viewer: 1.8.0
  - weather_status: 1.4.0
  - workflowengine: 2.6.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - user_ldap

Nextcloud configuration:

{
    "system": {
        "overwrite.cli.url": "https:\/\/cloud.us66zumi.dev.hmt-leipzig.de",
        "trusted_domains": [
            "cloud.us66zumi.dev.hmt-leipzig.de"
        ],
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "forwarded_for_headers": [
            "X-Real-Ip"
        ],
        "default_phone_region": "DE",
        "allow_local_remote_servers": true,
        "log_type": "file",
        "dbtype": "pgsql",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "mail_smtpmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": 25,
        "mail_smtpsecure": "",
        "mail_smtpauth": false,
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "password": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "version": "24.0.3.2",
        "dbport": "",
        "dbtableprefix": "oc_",
        "installed": true,
        "logfile": "nextcloud.log",
        "loglevel": 1
    }
}

smoebody, Aug 15 '22 12:08
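The expected behaviour in this report amounts to re-checking the environment variable on every request instead of only at login. The sketch below is an added example, not code from the issue or from user_saml; the session key `env_auth_uid` and the variable name `REMOTE_USER` are assumptions chosen for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical names: the session key and the variable name are assumptions,
// not user_saml identifiers.
const SESSION_KEY = 'env_auth_uid';

/**
 * Decide what to do with the current session given this request's
 * server variables. Returns 'keep', 'logout' or 'not_env_session'.
 */
function reconcileEnvSession(array $session, array $server, string $uidVar): string
{
    // Sessions that were not created from the environment variable
    // (e.g. a local password login) are outside this check.
    if (!isset($session[SESSION_KEY])) {
        return 'not_env_session';
    }
    $current = trim((string)($server[$uidVar] ?? ''));
    // Variable gone or empty: upstream no longer vouches for the user.
    if ($current === '') {
        return 'logout';
    }
    // Variable now names a different user: never keep the old identity.
    return hash_equals((string)$session[SESSION_KEY], $current) ? 'keep' : 'logout';
}

// Constructed requests mirroring the reproduction steps.
$session = [SESSION_KEY => 'alice'];
$requests = [
    'step 2, variable set'      => ['REMOTE_USER' => 'alice'],
    'step 4, variable removed'  => [],
    'variable empty'            => ['REMOTE_USER' => ''],
    'variable names other user' => ['REMOTE_USER' => 'bob'],
];
foreach ($requests as $label => $server) {
    printf("%-26s => %s\n", $label, reconcileEnvSession($session, $server, 'REMOTE_USER'));
}
printf("%-26s => %s\n", 'local login session', reconcileEnvSession([], [], 'REMOTE_USER'));
```

On a `logout` result the caller would destroy the server-side session and clear its cookies before continuing, so a reload after the variable disappears lands on an unauthenticated page.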