SLO session lookup failure
Peter Schober
peter.schober at univie.ac.at
Thu Feb 22 08:17:46 EST 2018
* Julian Williams <julian.williams at it.ox.ac.uk> [2018-02-22 13:29]:
> However, if we bounce the test IdP in between the authentication and the
> logout request, we see the error straight away (e.g. <5min after login).
> This still seems to point to an issue with server side session storage
> even though we have configured our IdP to use client side session
> storage. So that is strange.
To this aspect specifically: AFAIU the client gets fed data that would
allow the reconstruction of the session from scratch (e.g. when being
sent to another IDP node that does not have the session in memory) for
*SSO* requests.
I.e., I don't think things are designed to restore the session on all
requests to the IDP, including SLO request.
-peter
More information about the users
mailing list