SP - Global Logout Feature question...

[Dennis Fazekas]

Greetings,

We are using the SP Shibboleth software for SSO. Recently we got a requirement to Logout a user on the IDP side. I thought this would be easy by using the following settings in the Shibboleth2.xml file.

            <Logout>SAML2 global</Logout>
            <LogoutInitiator type="Chaining" Location="/Logout">
                <LogoutInitiator type="Global" />
                <LogoutInitiator type="SAML2" template="bindingTemplate.html"/>
                <LogoutInitiator type="Local" />
            </LogoutInitiator>

As listed is our current settings. I've tried "Global" too...

For the logout we send the user to "/Shibboleth.sso/Logout" and they are only being logged out "Locally" and never being sent over to the IDP for logout.

It's probably something stupid I am missing, but I cannot seem to locate the issue. If anyone could help me get this working I would greatly appreciate it.

Thank you!

Dennis Fazekas  |  Cloud and Innovative Solutions (CIS) | Technical Lead

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180905/b6990e1a/attachment.html>