[Drupal] Issue with the Shibboleth module
Hicks, Edward S. (Stu)
hicks.367 at osu.edu
Wed Jul 30 14:01:05 EDT 2014
For the record, the latest development version seems to resolve this issue. I’m not happy about running dev in a prod environment but I suppose the fact that it hasn’t been updated since Oct 2013 might mean that it’s mislabeled as dev.
From: <Hicks>, Edward Hicks <hicks.367 at osu.edu<mailto:hicks.367 at osu.edu>>
Reply-To: Drupal Users <drupal at lists.service.ohio-state.edu<mailto:drupal at lists.service.ohio-state.edu>>
Date: Wednesday, July 30, 2014 at 11:41 AM
To: Drupal Users <drupal at lists.service.ohio-state.edu<mailto:drupal at lists.service.ohio-state.edu>>
Subject: [Drupal] Issue with the Shibboleth module
I ran into something yesterday and I wanted to run it past the group before I started hacking code just in case someone else had already come up with a workaround.
Apparently the shib_auth module from NIIF generates a Drupal session (SSESS cookie) for every visitor – even anonymous ones – immediately on their first page load. This behavior doesn’t occur when the Shib module is disabled. They don’t need to log in first or anything and they don’t have a DRUPAL_UID cookie; however, just that session ID is enough to cause drupal_page_is_cacheable() to always return false. This breaks Drupal’s internal page cache, Boost, and all other caching modules save the stupidest ones that just cache everything or force you to manually write rules for what gets cached.
Has anyone else run into this? Has anyone come up with a way around it? I filed a bug report with the shib_auth module developers but they have 60+ in there already so who knows when/if they’ll get to it.
Thanks!
[cid:DACE0388-3E3B-4BA1-909C-725F591B2D1E]
E. Stuart Hicks
Senior Web Systems Administrator
Office of the Chief Information Officer | Infrastructure Services
Suite 180 | 2740 Airport Dr, Columbus, OH 43219
614-292-4256
hicks.367 at osu.edu<mailto:hicks.367 at osu.edu> ocio.osu.edu<http://ocio.osu.edu/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osu.edu/pipermail/drupal/attachments/20140730/b34bce18/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: B77EAA1C-F460-4F5D-BDF3-38BE765FA634.png
Type: image/png
Size: 4989 bytes
Desc: B77EAA1C-F460-4F5D-BDF3-38BE765FA634.png
URL: <http://lists.osu.edu/pipermail/drupal/attachments/20140730/b34bce18/attachment.png>
More information about the Drupal
mailing list