- SSO finalized

- SSO Session is not closed if a new single authentication operation is started
- PVP2 Configuration from Database (but without Metadata) --> TODO: change MetaDataProvider
- Add additional UserFrame in case of SSO
- MOASession encryption

TODO: MetaDataProvider, IdentityLink resign, SSO with Mandates, Legacy Template generation

1 files changed, 3 insertions, 1 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
index 571d4e738..caf2e4490 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java
@@ -92,7 +92,9 @@ public class LogOutServlet extends AuthServlet {
 		
 		//delete SSO session and MOA session
 		AuthenticationManager authmanager = AuthenticationManager.getInstance();
-		authmanager.logout(req, resp);
+		String moasessionid = AuthenticationSessionStoreage.getMOASessionID(ssoid);
+		
+		authmanager.logout(req, resp, moasessionid);
 		Logger.info("User with SSO Id " + ssoid + " is logged out and get redirect to "+ redirectUrl);
 	} else {
 		Logger.info("No active SSO session found. User is maybe logout already and get redirect to "+ redirectUrl);