Authentication

Hi Benjamin,

The reason it is logging you out and right back in again is because you are only ogging out of Moodle but not your SSO provider. In order to properly log out, you need to be logged out of you SSO provider. You may also need to logout of Moodle too afterwards.

The trick to getting this to work is to find a way to end up logged out of both. There are two possibilities that I know of.

Some authentication systems provide Moodle with a logout URL automatically. I don't know for sure if yours does. It may be something that you can configure in the authentication plugin settings.

In my case, after studying the SSO provider's documentation, I discovered that it supported a redirection parameter. The URL is where the SSO provider sends the web browser after you are logged out of SSO. The result is that the user ends up logged out of both systems.

So I did some customization to change the logout URL toinclude the extra parameter. Now when the user logs out, they are now clicking a link that will log them out of the SSO system and then get redirected to the Moodle logout URL. Unfortunately Moodle lacks an alternate Custom logout URL option like the one for logging in.

So far this has been working great - for the most part. There remains one a small annoyance which I have not had time to work out yet.

After logging out, when I click on a link to the course I was in before I logged out, instead of taking me to the course description as one would expect, it takes me to the SSO login page. So what I think I need to do now is to create a custom logout.php that will also delete the session cookie so that Moodle stops trying to redirect me back to the last page I was on.

I will probably add an option for that but I am not sure that I will be able to programmatically override the default Moodle logout URL path. You may still need to do some custom work in the theme.

Hope you find this helpful.

Best regards,

Michael