Handle logout hooks / Jérôme Vieilledent / Blogs - Share eZ Publish! The eZ Publish Community

Blogs / Jérôme Vieilledent / Handle logout hooks

Handle logout hooks

Tuesday 30 November 2010 7:08:51 am

  • Currently 5 out of 5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

By : Jérôme Vieilledent

Sometimes you need to catch the user logout action, particularly when using an SSO.

Powerful login / poor logout features

eZ Publish has a powerful abstract authentication system. It means that you can virtually use any form of authentication through Login Handlers (LDAP handler is an implementation of it). It is even possible to authenticate an already-logged-in-user from an external application, through SSO Handlers (see my tutorial about SSO Handlers).

However, there is no "logout handler" system, so it is not currently possible to catch the logout process (eZ Publish version is 4.4 Fuji at the time of writing). That's a shame because it makes almost impossible to trigger an SSO logout for example.

This has been already logged as a feature request on issues.ez.no, but fortunately there is a workaround :).

The workaround

Digging into the kernel, I found that it was actually possible to configure the redirection on logout. By default, eZ Publish redirects to /user/login, as configured in site.ini.

Here's a code extract from kernel/user/logout.php (logout view of user module) :

$ini = eZINI::instance();
if ( $ini->variable( 'UserSettings', 'RedirectOnLogoutWithLastAccessURI' ) == 'enabled' && $http->hasSessionVariable( 'LastAccessesURI' ))
{
    $redirectURL = $http->sessionVariable( "LastAccessesURI" );
}
else
{
    $redirectURL = $http->postVariable( 'RedirectURI', $ini->variable( 'UserSettings', 'LogoutRedirect' ) );
}

return $Module->redirectTo( $redirectURL );

It means that if you don't use RedirectOnLogoutWithLastAccessURI, configured in site.ini, eZ Publish checks if a RedirectURI variable has been posted, and if not, takes the [UserSettings].LogoutRedirect in site.ini.

So the solution would consist in developing a module, let's say mysso/logout, and in configuring [UserSettings].LogoutRedirect to point on this module. In the logout view of this module, just do whatever you need to do to complete yout logout process and redirect the user to the homepage (this is an example).

Yes, sure it means one more HTTP 302 redirection, but well... This is IMHO the best solution until we have proper logout handlers and handleSSOLogout() in SSO handlers ;-). If you want such a feature, go vote for the associated request !

Blog Post Discussion

Handle logout hooks

eZ debug

Timing: Jan 30 2025 19:55:13
Script start
Timing: Jan 30 2025 19:55:13
Module start 'content'
Timing: Jan 30 2025 19:55:13
Module end 'content'
Timing: Jan 30 2025 19:55:13
Script end

Main resources:

Total runtime0.0369 sec
Peak memory usage4,096.0000 KB
Database Queries4

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0098 613.8984370.2969
Module start 'content' 0.00980.0155 984.19531,006.8984
Module end 'content' 0.02530.0115 1,991.093870.6875
Script end 0.0368  2,061.7813 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00246.6344120.0002
Check MTime0.00102.7171120.0001
Mysql Total
Database connection0.00072.016510.0007
Mysqli_queries0.006116.590240.0015
Looping result0.00000.059520.0000
Template Total0.011029.910.0110
Template load0.00082.097910.0008
Template processing0.010227.780410.0102
Override
Cache load0.00051.250010.0005
General
dbfile0.007219.5884100.0007
String conversion0.00000.018730.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 1
 Number of unique templates used: 1

Time used to render debug report: 0.0001 secs