Profile Action ProcessLogoutRequest: No active session(s) found matching LogoutRequest - Unknown Principle in the LogoutResponse, status is not SUCCESS
Cantor, Scott
cantor.2 at osu.edu
Thu Jul 18 16:21:23 EDT 2019
On 7/18/19, 1:37 PM, "users on behalf of Nrusimhayya Manda" <users-bounces at shibboleth.net on behalf of nrusimhayya.manda at altran.com> wrote:
Issued:
<saml2:NameID
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
NameQualifier="https://<IdP host>:<IdP port>/idp/shibboleth"
SPNameQualifier="https://<SP host>:<SP port>/"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">DZXGELUVHN5MQTFOGQTKUKZOMCVHI6UD</saml2:NameID>
Logout:
<saml2:NameID xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
NameQualifier="https://<IDP HOST>:<IDP PORT>/idp/shibboleth">nmanda4</saml2:NameID>
They don't match. SAML requires they match. That's it. Exactly what I already told the other person that asked the same question.
Format, both qualifiers, the value, all have to match.
-- Scott
More information about the users
mailing list