SP SAML2 Logout
Ryan Rumbaugh
rrumbaugh at nebraska.edu
Tue Apr 12 16:12:10 EDT 2016
Hi all,
I’ve been experimenting with using SP-initiated SAML2 logout and have successfully configured it with our 3.2 Shib IdP. I do have a scenario that is bugging me that I’m hoping someone can help with, though.
Say, for example, I authenticate to two SPs (SP1 & SP2) using the same IdP and then log out of SP1. After logging out, the application and SP1 sessions are removed and I am redirected to the IdP logout page, which successfully removes the IdP session.
Now, if I go to SP2, where my SP2 session is still active, and click logout, an error occurs on SP2. Not sure what the error is, but I get a 505 on IIS.
I realize the IdP session has already been removed in my scenario, but what I would like to happen is to have the IdP redirect back to SP2 with some response that I can check for. Then I can simply show a message to the end user that their IdP session has already ended and the logout of SP2 has been achieved.
What’s the best approach to accomplish this? Thanks!
—
Ryan Rumbaugh