Shibboleth SP will not allow a user to log in for a few minutes after he/she log out

[Cantor, Scott]

The SP caches logout requests as per the standard to make sure logouts that arrive ahead of a login are honored, but if there's no SessionIndex in the logout request then any use of the same NameID is going to be impacted. Ithe IdPs stops using a fixed value and uses transients instead the problem will go away. Or they can pass a SessionIndex during logout, which is more or less expected/assumed. I don't think the caching "feature" can be turned off.

-- Scott