Hello,
We run Zimbra NE 10.0.1.1684843569-2.u20. It seems since a recent update, the logout from the modern design is not working. We use ZimbraWebClientLogoutURL to logout on the IdP/SSO as well, after logging out in zimbra, so maybe that is related. This redirect *works* fine. In the browser's webdeveloper log, I also see that the webclient is trying to do soap request to terminate the session (with 'EndSessionRequest' as content)
This request fails, it results in a 500 error, with the message "no valid authtoken present", the `mailbox.log` shows a similar error: `SoapEngine - no valid authtoken present: cannot dispatch request`.
After reading the internet, I found out that it is possible to disable CSRF token checks with:
zmprov mcf zimbraCsrfTokenCheckEnabled FALSE
zmmailboxdctl restart
After that, I do not see the same error anymore, and the Soap request results in a 200. Also the log looks normal now:
2023-06-08 03:31:22,174 INFO [qtp2138564891-242:https://xxxxxxxxxxxxxx/service/soap] [name=xxxxxx@xxxxxxxx;mid=7;ip=*.*.*.*;port=39346;ua=ZimbraModernWebClient - FF113 (Linux)/10.0.1_GA_4549;soapId=465dcd2e;] soap - EndSessionRequest elapsed=2
However, if I go to the zimbra client domain, I discover I am still logged in and shows mail directly. It does not forward to the IdP/SSO server. Obviously this is a security risk, especially for those logging in from remote/guest computers.
Any ideas? Is it a configuration issue or a bug?
Logout not working in modern layout
Re: Logout not working in modern layout
As this is question about NE I'd suggest you raise a support case.
-
- Zimbra Employee
- Posts: 13
- Joined: Wed Oct 19, 2022 6:05 am
Re: Logout not working in modern layout
Can you please add `virtual host` on Default domain and restart the mailbox if virtual host not present.
Refer: http://docs.zimbra.com/docs/os/8.6.0/ad ... ingle=true
Refer: http://docs.zimbra.com/docs/os/8.6.0/ad ... ingle=true