Only check for SimpleSAMLphp session if user is not allowed to log in locally to Drupal [#3274315]

Problem/Motivation

Currently in SimplesamlSubscriber.php, it will always check if the user has a valid SimpleSAMLphp session -- even if the user is allowed to use a local Drupal login. And it does this on every request.

Steps to reproduce

N/A

Proposed resolution

I suggest only checking if the user has a valid SimpleSAMLphp session if the user is not allowed to use a local login.

Remaining tasks

N/A

User interface changes

N/A

API changes

N/A

Data model changes

N/A

Issue fork simplesamlphp_auth-3274315

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

3274315-only-check-for changes, plain diff MR !12
Check out this branch for the first time

Check out existing branch, if you already have it locally

About issue forks

Comments

Comment #1

8 April 2022 at 17:46

mediabounds created an issue. See original summary.

Comment #2

8 April 2022 at 17:50

mediabounds opened merge request !12

Comment #3

mediabounds commented 8 April 2022 at 17:56

For most, this is probably an insignificant change. But, in our specific environment we allow a significant number of both local and SSO accounts. We recently had a service disruption on the server storing SSO sessions and it caused the entire site to become unavailable--even to users who didn't use SSO.

Comment #4

mediabounds commented 8 April 2022 at 17:58

Status:

Active

» Needs review

Only check for SimpleSAMLphp session if user is not allowed to log in locally to Drupal