Hi Dimuthu,

Recently, we did a similar setup, which involves a Federated IDP of OIDC. All internal apps were configured with SAML SSO. The login flow worked smoothly with the OIDC authenticator; however, external-app-initiated logout (inbound logout requests from OIDC-to-SAML) and internal-app-initiated logout (outbound logout requests SAML-to-OIDC) were not supported.

[image: Inline image 1]

@Darshana I believe we can re-use this session management capability for our use case as well. Then we can reduce the effort duplication. WDYT?

Best Regards,
~Rasika

On Mon, Jan 15, 2018 at 1:46 PM, Dimuthu Leelarathne <[email protected]> wrote:

> On Mon, Jan 15, 2018 at 1:32 PM, Dimuthu Leelarathne <[email protected]> wrote:
>
>> Hi All,
>>
>> Please consider the below scenario.
>>
>> When the Federated IdP sends the logout request we have to log out the user from the WSO2IS. The proposed POC is as follows.
>>
>> - 1 & 4 are OAuth flows
>> - 2 & 3 are SAML flows
>>
>> Participants of the discussion: Malithi, Thanuja and Dimuthu
>>
>> For the POC we will do the following.
>>
>> a) - At number 4 in the diagram, i.e. at the conclusion flow, we implement a listener that would record the SAML session Index vs. session Id in an appropriate data structure (for the POC it is a map). This handler will be in the outbound SAML component.
>>
>> b) - At number 5 in the diagram, i.e. when the logout request is received, we wrap the request and response and send them over to our common-auth servlet. Here, before invoking the common-auth servlet, we will retrieve the session Id from the map (using the SAML Session Index) and set it in the wrapper object.
>>
>> @Thanuja and Malithi: Please add anything that I have missed. And also appreciate code snippets for above (a) and (b).
>>
>> After the POC implementation, we will have another review.
>>
>> thank you,
>> Dimuthu
>>
>> --
>> Dimuthu Leelarathne
>> Director, Solutions Architecture
>>
>> WSO2, Inc. (http://wso2.com)
>> email: [email protected]
>> Mobile: +94773661935
>> Blog: http://muthulee.blogspot.com
>>
>> Lean . Enterprise . Middleware
>
> --
> Dimuthu Leelarathne
> Director, Solutions Architecture
>
> WSO2, Inc. (http://wso2.com)
> email: [email protected]
> Mobile: +94773661935
> Blog: http://muthulee.blogspot.com
>
> Lean . Enterprise . Middleware
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture

--
With Regards,

*Rasika Perera*
Senior Software Engineer
LinkedIn: http://lk.linkedin.com/in/rasika90

WSO2 Inc. www.wso2.com
lean.enterprise.middleware
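
The SessionIndex-to-session-Id map from steps (a) and (b) of the quoted proposal, as an added sketch that is not part of this thread and is not WSO2 Identity Server code. All class and method names are hypothetical, and the expiry time and one-time lookup are assumptions layered on the POC's plain map (Java 17).

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;

// Hypothetical names throughout; this is not a WSO2 Identity Server API.
public final class SamlSessionIndexRegistry {

    private record Entry(String sessionId, Instant expiresAt) {}

    private final ConcurrentMap<String, Entry> bySessionIndex = new ConcurrentHashMap<>();
    private final Duration ttl; // assumption: entries expire with the local session lifetime

    public SamlSessionIndexRegistry(Duration ttl) { this.ttl = ttl; }

    // Step (a): called by the listener when the federated SAML login concludes.
    public void recordLogin(String samlSessionIndex, String sessionId) {
        if (samlSessionIndex == null || samlSessionIndex.isBlank() || sessionId == null) {
            throw new IllegalArgumentException("SessionIndex and session id are required");
        }
        bySessionIndex.put(samlSessionIndex, new Entry(sessionId, Instant.now().plus(ttl)));
    }

    // Step (b): called when a logout request arrives, before the wrapped request is
    // handed on. remove() is atomic, so a replayed or concurrent logout request for
    // the same SessionIndex resolves to nothing instead of a second logout.
    public Optional<String> resolveForLogout(String samlSessionIndex) {
        if (samlSessionIndex == null) return Optional.empty();
        Entry e = bySessionIndex.remove(samlSessionIndex);
        if (e == null || Instant.now().isAfter(e.expiresAt())) return Optional.empty();
        return Optional.of(e.sessionId());
    }

    // Bounds memory for sessions that end without any logout request.
    public void evictExpired() {
        Instant now = Instant.now();
        bySessionIndex.values().removeIf(e -> now.isAfter(e.expiresAt()));
    }

    public static void main(String[] args) {
        SamlSessionIndexRegistry reg = new SamlSessionIndexRegistry(Duration.ofHours(8));
        // Constructed sample values, not taken from any real deployment.
        reg.recordLogin("_constructed-session-index-1", "constructed-session-id-A");
        System.out.println(reg.resolveForLogout("_constructed-session-index-1")); // recorded index
        System.out.println(reg.resolveForLogout("_constructed-session-index-1")); // same request replayed
        System.out.println(reg.resolveForLogout("_unknown-index"));               // never recorded
    }
}
```

An empty result is the caller's signal to reject the logout request rather than pass a null session Id into the wrapper object.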
