SLO HTTP-Redirect endpoint with query-string parameters (/?sls).

Cameron Kerr cameron.kerr at
Mon Sep 3 19:28:11 EDT 2018

Simply because it wasn't my project; I was just trying replicate and fix someone else's design choice.

When we first went with python3-saml, there were limited options I think with regard to python3. I've not heard to those two you have mentioned (thanks!). I think we also wanted to use nginx too...

My chief learning from this exercise is to strongly avoid using library based solutions within a SP application and to instead rely on external authentication and have a reverse-proxy take care of the AuthN contract. Not sure how well that would work with logout at the moment.... but it has to be much simpler for sure.

-----Original Message-----
From: users <users-bounces at> On Behalf Of Peter Schober
Sent: Monday, 3 September 2018 11:19 PM
To: users at
Subject: Re: SLO HTTP-Redirect endpoint with query-string parameters (/?sls).

* Cameron Kerr <cameron.kerr at> [2018-09-03 03:37]:
> I'm trying to get the python3-saml demo-django project
> (
> working nicely (including logout) with Shibboleth IdP version 3.2.1

Out of curiosity: Why not use the Shibboleth SP plus some middleware on the Django side for it (e.g. Brown's[1] or any other)?
Or, for demployments without a supported web server (i.e., without Apache httpd, MS-IIS or Nginx+fastcgi) some middleware for pysaml2[2]?


For Consortium Member technical support, see
To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list