Logout Failing - No active session(s) found matching LogoutRequest
Lipscomb, Gary
glipscomb at csu.edu.au
Fri Oct 22 07:36:04 UTC 2021
Thanks Nate,
I'll pass this on to the vendor
Gary Lipscomb
Technical Officer, Systems | IT Infrastructure & Security | Division of Information Technology
Charles Sturt University
-----Original Message-----
From: Nate Klingenstein <ndk at signet.id>
Sent: Friday, 22 October 2021 18:19
To: Shib Users <users at shibboleth.net>
Cc: Lipscomb, Gary <glipscomb at csu.edu.au>
Subject: RE: Logout Failing - No active session(s) found matching LogoutRequest
> https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
If you look at 2.2.2, you'll see that the IdP's defaulting is per the specification. The SP cannot expect its logout functionality to work unless it's dealing only with unspecified NameID's or IdP's that are not spec-compliant, which is a harrowing thought.
More information about the users
mailing list