[Drupal] Issue with the Shibboleth module
Hicks, Edward S. (Stu)
hicks.367 at osu.edu
Wed Jul 30 11:41:31 EDT 2014
I ran into something yesterday and I wanted to run it past the group before I started hacking code just in case someone else had already come up with a workaround.
Apparently the shib_auth module from NIIF generates a Drupal session (SSESS cookie) for every visitor – even anonymous ones – immediately on their first page load. This behavior doesn’t occur when the Shib module is disabled. They don’t need to log in first or anything and they don’t have a DRUPAL_UID cookie; however, just that session ID is enough to cause drupal_page_is_cacheable() to always return false. This breaks Drupal’s internal page cache, Boost, and all other caching modules save the stupidest ones that just cache everything or force you to manually write rules for what gets cached.
Has anyone else run into this? Has anyone come up with a way around it? I filed a bug report with the shib_auth module developers but they have 60+ in there already so who knows when/if they’ll get to it.
Thanks!
[cid:DACE0388-3E3B-4BA1-909C-725F591B2D1E]
E. Stuart Hicks
Senior Web Systems Administrator
Office of the Chief Information Officer | Infrastructure Services
Suite 180 | 2740 Airport Dr, Columbus, OH 43219
614-292-4256
hicks.367 at osu.edu<mailto:hicks.367 at osu.edu> ocio.osu.edu<http://ocio.osu.edu/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osu.edu/pipermail/drupal/attachments/20140730/9effba92/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: B77EAA1C-F460-4F5D-BDF3-38BE765FA634.png
Type: image/png
Size: 4989 bytes
Desc: B77EAA1C-F460-4F5D-BDF3-38BE765FA634.png
URL: <http://lists.osu.edu/pipermail/drupal/attachments/20140730/9effba92/attachment.png>
More information about the Drupal
mailing list