Hi Malithi,
I have set the session as cookie in wrappped servlet request [1]. Now, it
resolves the above mentioned error when I initiated a logout request from
FIDP (avis.com). But with that also I couldn't logout the SP and I observed
the following debug log in the console.
[2018-01-19 13:27:12,126] ERROR {org.wso2.carbon.identity.
application.authenticator.samlsso.SAML2FederatedLogoutRequestHandler} -
Recieved sessionIndex **************1750291c-611b-4305-9fbc-40ba183d5878
[2018-01-19 13:27:12,127] ERROR {org.wso2.carbon.identity.
application.authenticator.samlsso.SAML2FederatedLogoutRequestHandler}
- *Recieved
ContextId **************
9b8245d49407465772c9d25fef729bef3d00f07902b1c9d74d7795074557351d*
[2018-01-19 13:27:12,127] DEBUG {org.wso2.carbon.identity.
application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Initializing the flow
[2018-01-19 13:27:12,127] DEBUG {org.wso2.carbon.identity.
application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Framework contextId: c694dedf-6893-4960-addb-9e5b5e1e6cad
[2018-01-19 13:27:12,127] DEBUG {org.wso2.carbon.identity.
application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Starting a logout flow
[2018-01-19 13:27:12,128] DEBUG {org.wso2.carbon.identity.
application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Outbound Query String: sessionDataKey=c694dedf-6893-
4960-addb-9e5b5e1e6cad&relyingParty=travelocity.com&type=samlsso&sp=
travelocity.com&isSaaSApp=false
[2018-01-19 13:27:12,130] DEBUG {org.wso2.carbon.identity.
application.authentication.framework.handler.request.impl.DefaultLogoutRequestHandler}
- Sending response back to: http://localhost:8080/travelocity.com/home.jsp.
..
commonAuthLoggedOut : true
sessionDataKey: null
@ Dimuthu : I have checked IS cookie in the browser, but It's not the same
as the cookie what I store in the map against the sessionIndex. Please find
the screen shot below :
[image: Inline image 1]
[1] https://github.com/Kanapriya/saml-sso-outbound/blob/master/
components/org.wso2.carbon.identity.application.authenticator.samlsso/src/
main/java/org/wso2/carbon/identity/application/authenticator/samlsso/
SAML2FederatedLogoutRequestHandler.java#L137
Am I missing anything ? How can I proceed with this further?
Thanks,
Kanapriya
Kanapriya Kuleswararajan
Software Engineer
Mobile : - 0774894438
Mail : - [email protected]
LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
WSO2, Inc.
lean . enterprise . middleware
On Fri, Jan 19, 2018 at 8:27 AM, Dimuthu Leelarathne <[email protected]>
wrote:
> Hi Kanapriya,
>
> Also, pls check whether the IS cookie in the browser is the same as the
> cookie you store in the map against the sessionIndex have the same value.
>
> thanks,
> Dimuthu
>
>
> On Fri, Jan 19, 2018 at 7:15 AM, Malithi Edirisinghe <[email protected]>
> wrote:
>
>> You have to set the session as a cookie in the wrappped servlet request.
>> Otherwise framework will not pick the session with respect to this flow.
>>
>> On Fri, Jan 19, 2018 at 12:22 AM, Kanapriya Kuleswararajan <
>> [email protected]> wrote:
>>
>>> Hi Malithi,
>>>
>>> Thanks for the suggestion, I wrapped the relevant parameters which is
>>> mentioned in the following endpoint [1] as per the off-line discussion and
>>> directly invoke the Java API [2] instead of forward the wrapper object to
>>> the common auth endpoint. Now I got an different error [3].
>>>
>>> [1]
>>> */commonauth?commonAuthLogout=true&type={type}&commonAuthCallerPath={some-url}&relyingParty={sp-name}*
>>>
>>> [2] https://github.com/Kanapriya/saml-sso-outbound/blob/master/c
>>> omponents/org.wso2.carbon.identity.application.authenticator
>>> .samlsso/src/main/java/org/wso2/carbon/identity/application/
>>> authenticator/samlsso/SAML2FederatedLogoutRequestHandler.java#L131
>>>
>>> [3]
>>>
>>> [2018-01-19 00:10:36,771] DEBUG {org.wso2.carbon.identity.appl
>>> ication.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
>>> - retrieving authentication request from cache..
>>> [2018-01-19 00:10:36,772] ERROR {org.wso2.carbon.identity.appl
>>> ication.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
>>> - Exception in Authentication Framework
>>> org.wso2.carbon.identity.application.authentication.framewor
>>> k.exception.FrameworkException: Invalid authentication request. Session
>>> data key : 23b80283629e8b46fff6978874f46cf34664c78abd168d9d47dff7031dff
>>> de7e
>>> at org.wso2.carbon.identity.application.authentication.framewor
>>> k.handler.request.impl.DefaultRequestCoordinator.handle(Defa
>>> ultRequestCoordinator.java:111)
>>> at org.wso2.carbon.identity.application.authentication.framewor
>>> k.CommonAuthenticationHandler.doPost(CommonAuthenticationHan
>>> dler.java:46)
>>> at org.wso2.carbon.identity.application.authentication.framewor
>>> k.CommonAuthenticationHandler.doGet(CommonAuthenticationHandler.java:37)
>>> at org.wso2.carbon.identity.application.authenticator.samlsso.S
>>> AML2FederatedLogoutRequestHandler.initiateLogRequest(SAML2Fe
>>> deratedLogoutRequestHandler.java:139)
>>> at org.wso2.carbon.identity.application.authenticator.samlsso.S
>>> AML2FederatedLogoutRequestHandler.doPost(SAML2FederatedLogou
>>> tRequestHandler.java:82)
>>>
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>> at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.se
>>> rvice(ContextPathServletAdaptor.java:37)
>>> at org.eclipse.equinox.http.servlet.internal.ServletRegistratio
>>> n.service(ServletRegistration.java:61)
>>> at org.eclipse.equinox.http.servlet.internal.ProxyServlet.proce
>>> ssAlias(ProxyServlet.java:128)
>>> at org.eclipse.equinox.http.servlet.internal.ProxyServlet.servi
>>> ce(ProxyServlet.java:60)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>> at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service
>>> (DelegationServlet.java:68)
>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>> lter(ApplicationFilterChain.java:303)
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>> licationFilterChain.java:208)
>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilte
>>> r.java:52)
>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>> lter(ApplicationFilterChain.java:241)
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>> licationFilterChain.java:208)
>>> at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter
>>> .java:72)
>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>> lter(ApplicationFilterChain.java:241)
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>> licationFilterChain.java:208)
>>> at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilte
>>> r(CharacterSetFilter.java:65)
>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>> lter(ApplicationFilterChain.java:241)
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>> licationFilterChain.java:208)
>>> at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilte
>>> r(HttpHeaderSecurityFilter.java:124)
>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>> lter(ApplicationFilterChain.java:241)
>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>> licationFilterChain.java:208)
>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar
>>> dWrapperValve.java:219)
>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar
>>> dContextValve.java:110)
>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A
>>> uthenticatorBase.java:506)
>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo
>>> stValve.java:169)
>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo
>>> rtValve.java:103)
>>> at org.wso2.carbon.identity.context.rewrite.valve.TenantContext
>>> RewriteValve.invoke(TenantContextRewriteValve.java:80)
>>> at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invo
>>> ke(AuthorizationValve.java:91)
>>> at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invo
>>> ke(AuthenticationValve.java:60)
>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInv
>>> ocation(CompositeValve.java:99)
>>> at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke
>>> (CarbonTomcatValve.java:47)
>>> at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(Tena
>>> ntLazyLoaderValve.java:57)
>>> at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invok
>>> eValves(TomcatValveContainer.java:47)
>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(Comp
>>> ositeValve.java:62)
>>> at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetection
>>> Valve.invoke(CarbonStuckThreadDetectionValve.java:159)
>>> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogVa
>>> lve.java:962)
>>> at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.
>>> invoke(CarbonContextCreatorValve.java:57)
>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard
>>> EngineValve.java:116)
>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd
>>> apter.java:445)
>>> at org.apache.coyote.http11.AbstractHttp11Processor.process(Abs
>>> tractHttp11Processor.java:1115)
>>> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler
>>> .process(AbstractProtocol.java:637)
>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun
>>> (NioEndpoint.java:1775)
>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(N
>>> ioEndpoint.java:1734)
>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool
>>> Executor.java:1142)
>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo
>>> lExecutor.java:617)
>>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r
>>> un(TaskThread.java:61)
>>> at java.lang.Thread.run(Thread.java:745)
>>>
>>> Appreciate your input on this.
>>>
>>> Thanks,
>>> Kanapriya
>>>
>>> Kanapriya Kuleswararajan
>>> Software Engineer
>>> Mobile : - 0774894438 <077%20489%204438>
>>> Mail : - [email protected]
>>> LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
>>> WSO2, Inc.
>>> lean . enterprise . middleware
>>>
>>>
>>> On Thu, Jan 18, 2018 at 10:31 PM, Malithi Edirisinghe <[email protected]
>>> > wrote:
>>>
>>>> Hi Kanapriya,
>>>>
>>>> So seems you have dispatched back to the servlet transport. With this
>>>> you won't be able to respond back to the federated IdP as the response is
>>>> committed. Instead, follow the approach at [1]. There you wrap request and
>>>> response and directly invoke the Java API, which will return the request
>>>> and response handled by the servlet endpoint. Then you can verify and
>>>> respond back to the federated IdP.
>>>>
>>>> [1] https://github.com/wso2-extensions/identity-inbound-auth
>>>> -saml/blob/5.3.x/components/org.wso2.carbon.identity.sso.sam
>>>> l/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SA
>>>> MLSSOProviderServlet.java#L1219
>>>>
>>>> Thanks,
>>>> Malithi.
>>>>
>>>> On Thu, Jan 18, 2018 at 7:29 PM, Kanapriya Kuleswararajan <
>>>> [email protected]> wrote:
>>>>
>>>>> Please find the error log below :
>>>>>
>>>>> ERROR {org.apache.catalina.core.ApplicationDispatcher} -
>>>>> Servlet.service() for servlet bridgeservlet threw exception
>>>>> java.lang.StringIndexOutOfBoundsException: String index out of range:
>>>>> -1
>>>>> at java.lang.String.substring(String.java:1967)
>>>>> at org.eclipse.equinox.http.servlet.internal.ProxyServlet.servi
>>>>> ce(ProxyServlet.java:70)
>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>>>> at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service
>>>>> (DelegationServlet.java:68)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:303)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilte
>>>>> r.java:52)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:241)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.apache.catalina.core.ApplicationDispatcher.invoke(Applic
>>>>> ationDispatcher.java:743)
>>>>> at org.apache.catalina.core.ApplicationDispatcher.processReques
>>>>> t(ApplicationDispatcher.java:485)
>>>>> at org.apache.catalina.core.ApplicationDispatcher.doForward(App
>>>>> licationDispatcher.java:410)
>>>>> at org.apache.catalina.core.ApplicationDispatcher.forward(Appli
>>>>> cationDispatcher.java:337)
>>>>> at org.eclipse.equinox.http.servlet.internal.RequestDispatcherA
>>>>> daptor.forward(RequestDispatcherAdaptor.java:30)
>>>>> at org.eclipse.equinox.http.helper.ContextPathServletAdaptor$Re
>>>>> questDispatcherAdaptor.forward(ContextPathServletAdaptor.java:362)
>>>>> at org.wso2.carbon.identity.application.authenticator.samlsso.S
>>>>> AML2FederatedLogoutRequestHandler.initiateLogRequest(SAML2Fe
>>>>> deratedLogoutRequestHandler.java:136)
>>>>> at org.wso2.carbon.identity.application.authenticator.samlsso.S
>>>>> AML2FederatedLogoutRequestHandler.doPost(SAML2FederatedLogou
>>>>> tRequestHandler.java:79)
>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>>>> at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.se
>>>>> rvice(ContextPathServletAdaptor.java:37)
>>>>> at org.eclipse.equinox.http.servlet.internal.ServletRegistratio
>>>>> n.service(ServletRegistration.java:61)
>>>>> at org.eclipse.equinox.http.servlet.internal.ProxyServlet.proce
>>>>> ssAlias(ProxyServlet.java:128)
>>>>> at org.eclipse.equinox.http.servlet.internal.ProxyServlet.servi
>>>>> ce(ProxyServlet.java:60)
>>>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
>>>>> at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service
>>>>> (DelegationServlet.java:68)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:303)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilte
>>>>> r.java:52)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:241)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter
>>>>> .java:72)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:241)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilte
>>>>> r(CharacterSetFilter.java:65)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:241)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilte
>>>>> r(HttpHeaderSecurityFilter.java:124)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi
>>>>> lter(ApplicationFilterChain.java:241)
>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App
>>>>> licationFilterChain.java:208)
>>>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar
>>>>> dWrapperValve.java:219)
>>>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar
>>>>> dContextValve.java:110)
>>>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A
>>>>> uthenticatorBase.java:506)
>>>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo
>>>>> stValve.java:169)
>>>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo
>>>>> rtValve.java:103)
>>>>> at org.wso2.carbon.identity.context.rewrite.valve.TenantContext
>>>>> RewriteValve.invoke(TenantContextRewriteValve.java:80)
>>>>> at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invo
>>>>> ke(AuthorizationValve.java:91)
>>>>> at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invo
>>>>> ke(AuthenticationValve.java:60)
>>>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInv
>>>>> ocation(CompositeValve.java:99)
>>>>> at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke
>>>>> (CarbonTomcatValve.java:47)
>>>>> at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(Tena
>>>>> ntLazyLoaderValve.java:57)
>>>>> at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invok
>>>>> eValves(TomcatValveContainer.java:47)
>>>>> at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(Comp
>>>>> ositeValve.java:62)
>>>>> at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetection
>>>>> Valve.invoke(CarbonStuckThreadDetectionValve.java:159)
>>>>> at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogVa
>>>>> lve.java:962)
>>>>> at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.
>>>>> invoke(CarbonContextCreatorValve.java:57)
>>>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard
>>>>> EngineValve.java:116)
>>>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd
>>>>> apter.java:445)
>>>>> at org.apache.coyote.http11.AbstractHttp11Processor.process(Abs
>>>>> tractHttp11Processor.java:1115)
>>>>> at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler
>>>>> .process(AbstractProtocol.java:637)
>>>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun
>>>>> (NioEndpoint.java:1775)
>>>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(N
>>>>> ioEndpoint.java:1734)
>>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool
>>>>> Executor.java:1142)
>>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo
>>>>> lExecutor.java:617)
>>>>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r
>>>>> un(TaskThread.java:61)
>>>>> at java.lang.Thread.run(Thread.java:745)
>>>>>
>>>>> Thanks,
>>>>> Kanapriya
>>>>>
>>>>> Kanapriya Kuleswararajan
>>>>> Software Engineer
>>>>> Mobile : - 0774894438 <077%20489%204438>
>>>>> Mail : - [email protected]
>>>>> LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
>>>>> WSO2, Inc.
>>>>> lean . enterprise . middleware
>>>>>
>>>>>
>>>>> On Thu, Jan 18, 2018 at 7:27 PM, Kanapriya Kuleswararajan <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi All,
>>>>>>
>>>>>>
>>>>>>>> b) - At number 5 in the diagram, i.e. when the logout request is
>>>>>>>> received, we wrap the request and response and send over to our
>>>>>>>> common-auth servelet. Here before invoking the common-auth servelet, we
>>>>>>>> will retrieve session Id from the map (using the SAML Session Index)
>>>>>>>> and
>>>>>>>> set it in the wrapper object.
>>>>>>>>
>>>>>>>
>>>>>>> Request which forwards to the commonauth endpoint will have a format
>>>>>>> similar to following,
>>>>>>>
>>>>>>> */commonauth?commonAuthLogout=true&type={type}&commonAuthCallerPath={some-url}&relyingParty={sp-name}*
>>>>>>> NOTE: Need to verify whether relyingParty parameter is required or
>>>>>>> not.
>>>>>>>
>>>>>>> After logout from the framework, the saml-sso outbound
>>>>>>> component will verify the response and will build a valid SAML2 logout
>>>>>>> response and send back to the federated IdP.
>>>>>>>
>>>>>>
>>>>>> I have created a Servlet endpoint [1] to access SAML logout request
>>>>>> from FIDP and register this Servlet as service [2]. Here, I get the
>>>>>> session
>>>>>> id using the session index and set it inside wrapper object and forward
>>>>>> that to the commonauth endpoint. When I sent a logout request from FIDP,
>>>>>> FIDP is logged out but SP is is not getting logged out even we sent the
>>>>>> sessionID to invalidate the session and observe the error [1] at the back
>>>>>> end.
>>>>>>
>>>>>> Is there anything I need to do more than this?
>>>>>>
>>>>>> [1] https://github.com/Kanapriya/saml-sso-outbound/blob/master/c
>>>>>> omponents/org.wso2.carbon.identity.application.authenticator
>>>>>> .samlsso/src/main/java/org/wso2/carbon/identity/application/
>>>>>> authenticator/samlsso/SAML2FederatedLogoutRequestHandler.java
>>>>>>
>>>>>> [2] https://github.com/Kanapriya/saml-sso-outbound/blob/master/c
>>>>>> omponents/org.wso2.carbon.identity.application.authenticator
>>>>>> .samlsso/src/main/java/org/wso2/carbon/identity/application/
>>>>>> authenticator/samlsso/internal/SAMLSSOAuthenticatorServiceCo
>>>>>> mponent.java#L74
>>>>>>
>>>>>> Thanks,
>>>>>> Kanapriya
>>>>>>
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> @Thanuja and Malithi: Please add anything that I have missed. And
>>>>>>>> also appreciate code snippets for above (a) and (b).
>>>>>>>>
>>>>>>>> After the POC implementation, we will have another review.
>>>>>>>>
>>>>>>>> thank you,
>>>>>>>> Dimuthu
>>>>>>>>
>>>>>>>> --
>>>>>>>> Dimuthu Leelarathne
>>>>>>>> Director, Solutions Architecture
>>>>>>>>
>>>>>>>> WSO2, Inc. (http://wso2.com)
>>>>>>>> email: [email protected]
>>>>>>>> Mobile: +94773661935 <+94%2077%20366%201935>
>>>>>>>> Blog: http://muthulee.blogspot.com
>>>>>>>>
>>>>>>>> Lean . Enterprise . Middleware
>>>>>>>>
>>>>>>>
>>>>>>> [1] - https://github.com/wso2/carbon-identity-framework/blob/5.1
>>>>>>> 1.x/components/authentication-framework/org.wso2.carbon.iden
>>>>>>> tity.application.authentication.framework/src/main/java/org/
>>>>>>> wso2/carbon/identity/application/authentication/framework/ut
>>>>>>> il/FrameworkUtils.java#L1258
>>>>>>>
>>>>>>>
>>>>>>> <https://github.com/wso2/carbon-identity-framework/blob/5.11.x/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/FrameworkUtils.java#L1258>[2]
>>>>>>> - https://github.com/wso2/carbon-identity-framework/blob/5.1
>>>>>>> 1.x/components/authentication-framework/org.wso2.carbon.iden
>>>>>>> tity.application.authentication.framework/src/main/java/org/
>>>>>>> wso2/carbon/identity/application/authentication/framework/Au
>>>>>>> thenticationDataPublisher.java
>>>>>>>
>>>>>>> [3] - https://github.com/wso2-extensions/identity-governance/blo
>>>>>>> b/master/components/org.wso2.carbon.identity.captcha/src/mai
>>>>>>> n/java/org/wso2/carbon/identity/captcha/validator/FailLoginA
>>>>>>> ttemptValidator.java
>>>>>>>
>>>>>>> [4] - https://github.com/wso2/carbon-identity-framework/blob/5.1
>>>>>>> 1.x/components/authentication-framework/org.wso2.carbon.iden
>>>>>>> tity.application.authentication.framework/src/main/java/org/
>>>>>>> wso2/carbon/identity/application/authentication/framework/mo
>>>>>>> del/CommonAuthRequestWrapper.java
>>>>>>>
>>>>>>> [5] - https://github.com/wso2/carbon-identity-framework/blob/5.1
>>>>>>> 1.x/components/authentication-framework/org.wso2.carbon.iden
>>>>>>> tity.application.authentication.framework/src/main/java/org/
>>>>>>> wso2/carbon/identity/application/authentication/framework/mo
>>>>>>> del/CommonAuthResponseWrapper.java
>>>>>>>
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Thanuja
>>>>>>> --
>>>>>>> *Thanuja Lakmal*
>>>>>>> Associate Technical Lead
>>>>>>> WSO2 Inc. http://wso2.com/
>>>>>>> *lean.enterprise.middleware*
>>>>>>> Mobile: +94715979891
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Malithi Edirisinghe*
>>>> Associate Technical Lead
>>>> WSO2 Inc.
>>>>
>>>> Mobile : +94 (0) 718176807
>>>> [email protected]
>>>>
>>>
>>>
>>
>>
>> --
>>
>> *Malithi Edirisinghe*
>> Associate Technical Lead
>> WSO2 Inc.
>>
>> Mobile : +94 (0) 718176807
>> [email protected]
>>
>
>
>
> --
> Dimuthu Leelarathne
> Director, Solutions Architecture
>
> WSO2, Inc. (http://wso2.com)
> email: [email protected]
> Mobile: +94773661935 <+94%2077%20366%201935>
> Blog: http://muthulee.blogspot.com
>
> Lean . Enterprise . Middleware
>
_______________________________________________
Architecture mailing list
[email protected]
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
