SP SAML2 Logout

Cantor, Scott cantor.2 at osu.edu
Wed Apr 13 11:25:18 EDT 2016

On 4/13/16, 11:16 AM, "users on behalf of Ryan Rumbaugh" <users-bounces at shibboleth.net on behalf of rrumbaugh at nebraska.edu> wrote:

>After this completes the IdP redirects back to SP2 which is where I did see the IIS 505 error. I was expecting the IdP to at least send a SAML2 logout response back to the SP, but it’s simply performing a HTTP redirect.

That *is* a SAML 2 logout response. It is doing exactly what you're expecting it to do.

> I did add the <error> tag to the shibboleth2.xml to get rid of the 505 error, but is there a way to avoid the error altogether?

The error is because the LogoutResponse contained a SAML status code indicating it was an error, and what you do with errors is up to you.

The SP should be displaying the logout result template IIRC.

-- Scott


More information about the users mailing list