Crivaledaz / Mattermost-LDAP

This module provides an external LDAP authentication in Mattermost for the Team Edition (free).
MIT License

Unable to log with another LDAP as soon as one is logged once #44

Closed b3 closed 4 years ago

b3 commented 4 years ago

As stated in #43, once Mattermost-LDAP is activated I am unable to log in with another user.

I can log in and log out.

But then I cannot log in with another LDAP user; the page which always comes up when I click on the GitLab is the one which asks me to Authorize or Deny the connection.

The only workaround is to quit the browser to be able to log in with another user.

Is it a feature or a bug?

Crivaledaz commented 4 years ago

Hi,

It's not really a bug, this is more a feature. I know this behaviour and I don't think it is a problem. In the common case, you use Mattermost with your personal computer, and once you have logged in, you don't need to log out to switch user.

For your information, when you click on the GitLab button you are redirected to the authorize.php page. Once you are there, Mattermost-LDAP verifies if you have a PHP session ID, which is created when you log in successfully. If not, you are redirected to the index.php page to log on. The PHP session variable stays set during your whole browsing session, so until you close your browser. That is the reason why you are not redirected to the login form if you have already logged on during the browsing session.

As you stated, if you want to destroy the session ID, you can close your browser, or use a private browsing window.

If I find some time, maybe I will add a logout button on the authorize.php page to reset the PHP session ID. In this way, you could log in with another LDAP user. I have added your suggestion to my TODO list :)

Regards,

Crivaledaz commented 4 years ago

Hi,

I finally found some time during the lockdown, and I have worked on a new Mattermost-LDAP version. So, I am glad to announce Mattermost-LDAP V2 is now in beta :)

This new version includes new features to bring solutions to #44 and #45. You can try it from the branch v2. For more information about this version, see the changelog file.

Please, let me know if this new version solves your issues.

Regards

grvsmth commented 4 years ago

I tested it on Friday, and it does really log the user off when they log out of Mattermost. Thanks, Denis!

b3 commented 4 years ago

Unfortunately we switched to using an empty GitLab for authentication (which is using LDAP). It is not perfect but it runs and is in production now. We thus won't be able to test the new version of Mattermost-LDAP for some (long) time.

Thanks, however, for the nice work.

Crivaledaz commented 4 years ago

I am closing this issue since the log out feature has been added and merged into Mattermost-LDAP V2.

Note: In V2, users are automatically logged out at the end of the authentication process. The sign off button now only allows switching users before authorizing Mattermost to get LDAP data.
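
The session behaviour discussed in this thread, as an added example that is not part of the thread and not Mattermost-LDAP's own code: a gate for an authorize.php-style page that sends unauthenticated browsers to the login form, lets a user sign off before consenting, and tears the PHP session down once authorization completes so a shared browser cannot reuse the previous login. The session key `uid`, the POST fields `switch_user` and `authorize`, the function names and the returned step names are all hypothetical; PHP 7.3 or later is assumed.

```php
<?php
declare(strict_types=1);
// Added example. All names (uid, switch_user, authorize, end_login_session,
// next_step, the returned step strings) are hypothetical.

// Tear down the PHP session on the server and in the browser.
function end_login_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $_SESSION = [];                        // clear data held for this request
    if (ini_get('session.use_cookies')) {  // expire the session cookie client-side
        $p = session_get_cookie_params();
        setcookie(session_name(), '', [
            'expires'  => time() - 3600,
            'path'     => $p['path'],
            'domain'   => $p['domain'],
            'secure'   => $p['secure'],
            'httponly' => $p['httponly'],
            'samesite' => $p['samesite'] ?: 'Lax',
        ]);
    }
    session_destroy();                     // delete the stored session record
}

// Decide what an authorize.php-style page should do with this request.
function next_step(array $post): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['uid'])) {         // nobody logged in during this session
        return 'login-form';               // i.e. redirect to index.php
    }
    if (isset($post['switch_user'])) {     // sign off before authorizing
        end_login_session();
        return 'login-form';
    }
    if (isset($post['authorize'])) {
        // ... issue the OAuth authorization code for $_SESSION['uid'] here ...
        end_login_session();               // log out at the end of the flow
        return 'redirect-to-client';
    }
    return 'consent-form';                 // show Authorize / Deny
}
```

Clearing `$_SESSION` alone is not enough on a shared machine: the cookie must be expired and the server-side record destroyed, otherwise the old session ID keeps resolving to the previous user until the browser is closed.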