user3754289
Reputation: 89
Spring Security SAML Global Logout not sending saml response to IDP
I created my SP using Spring SAML Security. I'm having an issue with Global logout. The logoutRequest is sent to IDP and IDP sends back the logoutResponse. SP validates the message successfully and the logout.jsp is reached without a problem. The problem I'm having is that the IDP is expecting a “SAML Response” from the SP after successful logout to clear the session. Am I missing something in the configuration?
Upvotes: 0
Views: 1061
Answers (1)
Vladimír Schäfer
Reputation: 15533
SP is not supposed to send any additional response once it receives LogoutResponse from IDP. See saml2-profiles, chapter 4.4 for details. It also contains a nice picture which illustrates the message exchanges.
Upvotes: 2
Related Questions
- How to logout from Saml IDP when I logout from my application
- Spring Security SAML Extension - callback for Single Log Out from Idp
- WSO2 and Spring SAML single logout issue
- Spring Security SAML One Login Global Single Logout LogoutRequest Parsing Issue
- SAML IDP Login Form not prompted after local logout
- How can I get Global Logout working in a multi tenant SAML application using spring-security-saml?
- How to view SAML logout request and response on logout.jsp
- Spring SAML - Global logout not working after hitting URL '/saml/logout'
- how to achieve global Logout for specific SP from IDP side?
- spring saml: How is LOGOUT handled? Is it mandatory to have logout endpoint in IDP metadata xml?