Single Logout
Prog
programmierstudi at gmx.de
Thu Nov 27 15:27:14 EST 2014
>So if my thinking is correct: 1) I need some kind of listener in my
web application 2) Configure SP where to send the SOAP message Hm, so
strange this PHP code, >sorry I'm not so familiar with php, we are using
java. Regards, Tomaz
The php code is a bit tricky:
1. no parameters supplied - just put out the wsdl
2. action and target parameters url-supplied - front channel logout
3. shibboleth logout request to SOAP server - back channel logout
By 3. you will get the shibsession id that is going to be logout. So at
login your application has to map this shibbsession id to its own
session so that on logout you know which application session to logout.
If your code thinks everything went fine it has to respond with a
SAML2(?) response that simply contains OK (see php example code). If not
you have to throw a SOAP fault.
You might remember it is always better to throw a SOAP fault than to
respond with a false positive OK.
regards
More information about the users
mailing list