Hi, I have configured SAML2 authentication for an application with two Identity Server instances (IS instance 1 and IS instance 2). IS Instance 1 will act as the IDP for the application and IS instance 2 will act as the federated IDP for the application.
Once the user logs in from federated authentication to the application and logs out, a valid SAML request is* not sent* to the IDP from the application. Therefore the federated IDP does not terminate it's session. If the user again tries to log in to the application using federated SAML authentication, the login attempt will be successful without re-entering credentials. Is there a way to avoid this ? The requirement is to terminate both sessions on two IS instances once the user logs out.
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
