Single logout problem
cantor.2 at osu.edu
Tue Oct 10 11:39:15 EDT 2017
> > Where does it say it's unsuccessful?
> because I can open the second application without authentication
That doesn't mean anything. The SAML part could have succeeded and the application just isn't wired to care. But even so, I'm just saying nothing you posted tells me whether the logout to the SP did or didn't work from the IdP's point of view.
> > Your audit log isn't configured usefully enough to tell much of anything
> In my logback.xml I see ALL level for IDP_AUDIT appender. How can I
> improve the quality of the log?
By reading the documentation on the audit log and adding fields that actually report the success of the SAML request. That isn't configured in logback, it's a specific IdP setting.
> before that I had an IDP version without SLO. This is my first attempt to use SLO
I would find a better way to spend my time but if you insist, prepare to spend a lot of time and end up in about the same place you are now, just perhaps understanding why it isn't working.
More information about the users