Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

spring saml: How is LOGOUT handled? Is it mandatory to have logout endpoint in IDP metadata xml?

I am using Spring SAML implementation. SSO circle metadata xml was having logout endpoint which helps in local logout and global logout. But there are some other IDP's which I am interacting with and are not having logout endpoints in their metadata xml.

How should LOGOUT be handled in these scenarios?

Is deleting cookies of the request the only solution of this problem or is there any workaround for this scenario?

Your help in this regard is much appreciated.

like image 505
SM KUMAR Avatar asked Oct 14 '14 08:10

SM KUMAR


1 Answers

It is not mandatory for your IDPs to have a SingleLogout endpoint. You can perform local logout which cleans local cookies by calling /saml/logout?local=true. You can find all the details in the manual.

like image 93
Vladimír Schäfer Avatar answered Oct 03 '22 06:10

Vladimír Schäfer