diff --git a/sources/patches/app-web.patch b/sources/patches/app-web.patch
index f8536d9..a941437 100644
--- a/sources/patches/app-web.patch
+++ b/sources/patches/app-web.patch
@@ -1,6 +1,15 @@
 --- a/cps/web.py	2019-01-12 09:01:08.000000000 +0100
-+++ b/cps/web.py	2019-01-13 11:21:11.000000000 +0100
-@@ -2363,7 +2363,18 @@
++++ b/cps/web.py	2019-01-13 15:29:45.000000000 +0100
+@@ -2360,10 +2360,27 @@
+         return redirect(url_for('basic_configuration'))
+     if current_user is not None and current_user.is_authenticated:
+         return redirect(url_for('index'))
++    auth_user = request.headers.get('X-Remote-User')
++    if auth_user and config.config_use_ldap:
++        user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == auth_user.strip().lower()).first()
++        login_user(user, remember=True)
++        flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
++        return redirect(url_for("index"))
      if request.method == "POST":
          form = request.form.to_dict()
          user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == form['username'].strip().lower()).first()
@@ -20,7 +29,18 @@
              login_user(user, remember=True)
              flash(_(u"you are now logged in as: '%(nickname)s'", nickname=user.nickname), category="success")
              return redirect_back(url_for("index"))
-@@ -3088,6 +3099,21 @@
+@@ -2384,8 +2401,9 @@
+ @login_required
+ def logout():
+     if current_user is not None and current_user.is_authenticated:
++        logout_host = request.headers.get('Host')
+         logout_user()
+-    return redirect(url_for('login'))
++    return redirect("https://%servername/yunohost/sso/".replace("%servername", logout_host))
+ 
+ 
+ @app.route('/remote/login')
+@@ -3088,6 +3106,21 @@
          if "config_ebookconverter" in to_save:
              content.config_ebookconverter = int(to_save["config_ebookconverter"])