[shib_auth] class registry in drupal 7 conflicting with shib sessions
Mike Cammilleri
mikec at stat.wisc.edu
Tue Aug 27 21:29:54 CEST 2013
We are using the shibboleth module with D7 which works, most of the
time. Users can click on the shibboleth login link, be directed to the
Idp, authenticated successfully and returned to D7, at which point
.htaccess allows them in with
AuthType Shibboleth
ShibRequireSession Off
require shibboleth
ShibUseHeaders On
About an hour or so goes by and all of a sudden D7 stops allowing the
shib-authenticated user in. The user can still authenticate to the shib
Idp, but when returned to the D7 site, drupal just behaves as if they
never logged in at all. No error page, no 404 not found, no white page
of death, just back to the D7 site and the login button for shib is
still sitting there as if they never clicked on it.
In order to fix this, all I need to do is flush the Class Registry from
the Flush All Caches menu. Simply flushing that cache corrects the
behavior and once again D7 will allow users to log in via shib. Until
another hour goes by and D7 stops allowing shib users, and I need to
flush the Class Registry again.
Has anyone experienced this? What is in the Class Registry that could be
causing D7 to think users aren't logged in? (Local drupal accounts work
fine by the way). I turned off all caching in the Performance section,
except for block caching which is greyed out because I'm using the
Access Control module. This still has not fixed the problem.
Any hints would be greatly appreciated.
More information about the shib_auth
mailing list