administratively terminate specific SP session
cantor.2 at osu.edu
Wed Feb 21 12:37:08 EST 2018
> Given a session ID from the transaction log (eg.
> _ae7b9914292d19c02b6b632edc5e9383 with applicationId 'default' from
> AssertionID 'id-KS2cElqrTQ12UzCVm') is it possible to administratively
> terminate the SP session, preferably from the command line?
No, it's not.
> If not, will you entertain a feature request for such capability?
I'm willing (esp. if it's divorced from having to implement SAML administrative logout and let the IdP know) but it won't work with the client-side feature in V3 unless we come up with some ugly workaround like a session blacklist I guess.
What would make you *not* prefer doing this with the web server or application to block authz? That seems like a much better way to do it to me...
I hope you say persistent IDs... ;-)
More information about the users