Question

I have authenticated my application through OpenAM based IDP through SAML.Now I want to logout of my application through SAML. So my questions are :

  1. I have selected the "spSingleLogoutInit.jsp" implementation,is it the right way of doing?

  2. If its yes than what should be the RelayState,I have given the login page of my application, i.e "http://www.myexample.com/login.do.

3.In the sessionIndex do I need to give the current session id i.e "request.getSession().getId()", or I need to pass the JSESSIONID from the cookies.

  1. NameId is defined as:

    String nameID ="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"

is it correct?

5.binding protocol is default i.e redirect.

I am calling:

    SPSingleLogout.initiateLogoutRequest(request, response, binding,
                paramsMap);

I do not get any error,but my session still remain active

Is my declaration correct,need help.

Was it helpful?

Solution

You may first read SAML techoverview , so you get an idea how all the parties interact ...

you may also use Spring Security SAML extension ... you get 'local' or 'global' logout OOTB ... see my workaround for IdP-initiated Single Logout

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top