WSO2 AuthenticationAdmin Logout

StackOverflow https://stackoverflow.com/questions/17315513

Question

I am working with version 4.1.0 of the WSO2 Identity Server. I have used the WSO2 AuthenticationAdmin services (localhost:9443/services/AuthenticationAdmin) to login, check authenticator, etc. There is also an operation for 'logout'.

When soapUI generates the logout request, it does not contain any noteworthy elements, as is confirmed by the schema (xsd) with the namespace http://authentication.services.core.carbon.wso2.org. The SOAP request body is as follows.

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:aut="http://authentication.services.core.carbon.wso2.org">
 <soap:Header/>
   <soap:Body>
     <aut:logout/>
 </soap:Body>
</soap:Envelope>

When sending a request, the RAW response is as follows.

HTTP/1.1 202 Accepted
Date: Wed, 26 Jun 2013 08:29:48 GMT
Server: WSO2 Carbon Server
Content-Type: text/xml;charset=UTF-8
Set-Cookie: JSESSIONID=94784CC9FC03E9FA3822CFDDAD0D36F6; Path=/; Secure; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

First of all, do I think there is no SOAP message in the response. Also, the HTTP status is 202, which means that the request is accepted for processing, but the processing has not yet been completed.

How do I logout with this service?

What elements should be added to the < aut:logout > ?

Should a JSESSIONID be added to the header of the request?

How can this logout be combined with the loginWithRememberMeOption ?

------- UPDATE After reviewing the xsd I saw that a wsa:action must be added to the SOAP Header. After doing this, I received the following reply. This reply asks for a MessageID. But I am not sure what this value should be.

<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
   <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
      <wsa:Action>http://www.w3.org/2005/08/addressing/fault</wsa:Action>
   </soapenv:Header>
   <soapenv:Body>
      <soapenv:Fault>
         <soapenv:Code>
            <soapenv:Value>soapenv:Sender</soapenv:Value>
            <soapenv:Subcode>
               <soapenv:Value xmlns:wsa="http://www.w3.org/2005/08/addressing">wsa:MessageAddressingHeaderRequired</soapenv:Value>
            </soapenv:Subcode>
         </soapenv:Code>
         <soapenv:Reason>
            <soapenv:Text xml:lang="en-US">A required header representing a Message Addressing Property is not present</soapenv:Text>
         </soapenv:Reason>
         <soapenv:Detail>
            <wsa:ProblemHeaderQName xmlns:wsa="http://www.w3.org/2005/08/addressing">wsa:MessageID</wsa:ProblemHeaderQName>
         </soapenv:Detail>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>

When adding a generated MessageID, the is once again an empty SOAP reply with a HTTP 202 status.

Was it helpful?

Solution

The logout method just invalidates the session.

You just call the logout operation as it is from the soapUI. There are no parameters to it.

If you look at the AuthenticationAdmin WSDL, you can see that there is no output for logout operation. That's why you get HTTP 202 status code.

You can view the WSDL by changing <HideAdminServiceWSDLs> configuration to false in carbon.xml (/repository/conf/carbon.xml)

<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>

Type following in your browser to view the WSDL.

https://:9443/services/AuthenticationAdmin?wsdl

I hope this helps!

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top