Hi All,

>> b) - At number 5 in the diagram, i.e. when the logout request is
>> received, we wrap the request and response and send over to our
>> common-auth servlet. Here before invoking the common-auth servlet, we
>> will retrieve session Id from the map (using the SAML Session Index) and
>> set it in the wrapper object.
>>
>
> The request which forwards to the commonauth endpoint will have a format
> similar to the following,
>
> */commonauth?commonAuthLogout=true&type={type}&commonAuthCallerPath={some-url}&relyingParty={sp-name}*
> NOTE: Need to verify whether relyingParty parameter is required or not.
>
> After logout from the framework, the saml-sso outbound component will
> verify the response and will build a valid SAML2 logout response and send
> back to the federated IdP.
>

I have created a Servlet endpoint [1] to access the SAML logout request from
the FIDP and registered this Servlet as a service [2]. Here, I get the session id
using the session index, set it inside the wrapper object and forward that
to the commonauth endpoint. When I sent a logout request from the FIDP, the FIDP is
logged out but the SP is not getting logged out even though we sent the sessionID
to invalidate the session, and I observe the error [1] at the back end.

Is there anything I need to do more than this?

[1]
https://github.com/Kanapriya/saml-sso-outbound/blob/master/components/org.wso2.carbon.identity.application.authenticator.samlsso/src/main/java/org/wso2/carbon/identity/application/authenticator/samlsso/SAML2FederatedLogoutRequestHandler.java

[2]
https://github.com/Kanapriya/saml-sso-outbound/blob/master/components/org.wso2.carbon.identity.application.authenticator.samlsso/src/main/java/org/wso2/carbon/identity/application/authenticator/samlsso/internal/SAMLSSOAuthenticatorServiceComponent.java#L74

Thanks,
Kanapriya


>
>
>>
>> @Thanuja and Malithi: Please add anything that I have missed. And also
>> appreciate code snippets for above (a) and (b).
>>
>> After the POC implementation, we will have another review.
>>
>> thank you,
>> Dimuthu
>>
>> --
>> Dimuthu Leelarathne
>> Director, Solutions Architecture
>>
>> WSO2, Inc. (http://wso2.com)
>> email: [email protected]
>> Mobile: +94773661935
>> Blog: http://muthulee.blogspot.com
>>
>> Lean . Enterprise . Middleware
>>
>
> [1] - https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java#L1258
>
> [2] - https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationDataPublisher.java
>
> [3] - https://github.com/wso2-extensions/identity-governance/blob/master/components/org.wso2.carbon.identity.captcha/src/main/java/org/wso2/carbon/identity/captcha/validator/FailLoginAttemptValidator.java
>
> [4] - https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/CommonAuthRequestWrapper.java
>
> [5] - https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/CommonAuthResponseWrapper.java
>
>
> Thanks,
> Thanuja
> --
> *Thanuja Lakmal*
> Associate Technical Lead
> WSO2 Inc. http://wso2.com/
> *lean.enterprise.middleware*
> Mobile: +94715979891
>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
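
An added example, not part of the thread and not WSO2 code: a JDK-only sketch of step (b), resolving the session id from the SAML SessionIndex and building the /commonauth logout path quoted above. The class and method names and all sample values are hypothetical; removing the map entry on lookup and treating relyingParty as optional are assumptions.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper, not a WSO2 class: models the SessionIndex -> session id
// lookup and the /commonauth logout query string described in the thread.
public class FederatedLogoutForwarder {
    private final Map<String, String> sessionIdBySessionIndex = new ConcurrentHashMap<>();

    // Called at federated login, once the SessionIndex from the assertion is known.
    public void remember(String samlSessionIndex, String sessionId) {
        sessionIdBySessionIndex.put(samlSessionIndex, sessionId);
    }

    // Called for an incoming LogoutRequest. The entry is removed (assumption) so the
    // same SessionIndex cannot be resolved twice; an unknown index yields empty and
    // the caller should not forward to /commonauth in that case.
    public Optional<String> resolveForLogout(String samlSessionIndex) {
        if (samlSessionIndex == null || samlSessionIndex.isEmpty()) {
            return Optional.empty();
        }
        return Optional.ofNullable(sessionIdBySessionIndex.remove(samlSessionIndex));
    }

    // Builds the forward path. Values are URL-encoded so a caller path containing
    // '&' or '=' cannot add or override query parameters. relyingParty is optional
    // because the thread leaves open whether it is required.
    public static String commonAuthLogoutPath(String type, String callerPath, String relyingParty) {
        StringBuilder path = new StringBuilder("/commonauth?commonAuthLogout=true");
        path.append("&type=").append(enc(type));
        path.append("&commonAuthCallerPath=").append(enc(callerPath));
        if (relyingParty != null && !relyingParty.isEmpty()) {
            path.append("&relyingParty=").append(enc(relyingParty));
        }
        return path.toString();
    }

    private static String enc(String value) {
        return URLEncoder.encode(value, StandardCharsets.UTF_8); // Java 10+
    }

    public static void main(String[] args) {
        FederatedLogoutForwarder f = new FederatedLogoutForwarder();
        f.remember("idx-constructed-1", "sess-constructed-abc"); // constructed sample values
        System.out.println(f.resolveForLogout("idx-constructed-1")); // known index
        System.out.println(f.resolveForLogout("idx-constructed-1")); // already consumed
        System.out.println(commonAuthLogoutPath("constructed-type", "/sample/acs?x=1&y=2", "sample-sp"));
    }
}
```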
