The reason should be that you have not enabled single logout on service provider side. In SAML SSO configurations of your service provider there will be an option to enable single logout. At the same time make sure to have a custom logout url (for simplesaml it is required). The custom logout url for simplesaml should be as follows.
http://{simplesaml}/module.php/core/as_logout.php?AuthId={sp name}&ReturnTo= <http://localhost/simplesaml/module.php/core/as_logout.php?AuthId=wso2-sp&ReturnTo=http://localhost/simplesaml>{return url after logging out} If the service provider gets a valid SAML response on logout, IDP session will be terminated and will redirect to the ReturnTo url; On Thu, Jul 31, 2014 at 11:22 AM, Gimantha Bandara <[email protected]> wrote: > I was able to login using IS, but when I logout from simpleSAMLphp, it > gives the following error, > > SimpleSAML_Error_BadRequest: BADREQUEST('%REASON%' => 'Invalid message > received to AssertionConsumerService endpoint.') > > Backtrace: > 1 /var/simplesamlphp/simplesamlphp/modules/saml/www/sp/saml2-acs.php:18 > (require) > 0 /var/simplesamlphp/simplesamlphp/www/module.php:135 (N/A) > > > > > > On Thu, Jul 31, 2014 at 11:00 AM, Gimantha Bandara <[email protected]> > wrote: > >> Hi, >> >> @prasanna, IDP entitiy ID is set correctly. >> >> @hasintha, Thats was the problem. Default resident identity provider is >> localhost. >> >> Thanks all >> >> >> On Thu, Jul 31, 2014 at 9:47 AM, Prasanna Dangalla <[email protected]> >> wrote: >> >>> Hi, >>> >>> Check the IDP entity ID. It might be the wrong one. >>> >>> Prasanna Dangalla >>> Software Engineer, WSO2, Inc.; http://wso2.com/ >>> lean.enterprise.middleware >>> >>> cell: +94 777 55 80 30 | +94 718 11 27 51 >>> twitter: @prasa77 >>> >>> >>> On Thu, Jul 31, 2014 at 9:35 AM, Hasintha Indrajee <[email protected]> >>> wrote: >>> >>>> The problem is that the issuer of the response (IS) does not match to >>>> the identity provider which simplesaml sent the request >>>> >>>> To avoid the error you should follow the following simple steps. >>>> >>>> Go to IS admin panel >>>> In Main menu , Identity Providers -> list -> resident Identity provider >>>> >>>> From the menu you get >>>> Inbound Authentication Configuration --> SAML2 Web SSO Configuration >>>> >>>> the identity profider id value should be SAML end point of the IS- >>>> https://{yourhost}:{port}/samlsso <https://localhost:9443/samlsso> >>>> >>>> >>>> On Wed, Jul 30, 2014 at 6:58 PM, Gimantha Bandara <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> I am trying to set up $subject using IS 5.0.0 by following the >>>>> instruction given here[1]. when clicking on "wso-sp" in SimpleSAMLphp It >>>>> redirects me to the IS SAML2 idP for Login and after I entered the login >>>>> info, SimpleSAMLphp gives the following error. >>>>> >>>>> SimpleSAML_Error_Error: UNHANDLEDEXCEPTION >>>>> >>>>> Backtrace: >>>>> 0 /var/simplesamlphp/simplesamlphp/www/module.php:180 (N/A) >>>>> Caused by: SimpleSAML_Error_Exception: The issuer of the response does >>>>> not match to the identity provider we sent the request to. >>>>> Backtrace: >>>>> 1 /var/simplesamlphp/simplesamlphp/modules/saml/www/sp/saml2-acs.php:65 >>>>> (require) >>>>> 0 /var/simplesamlphp/simplesamlphp/www/module.php:135 (N/A) >>>>> >>>>> >>>>> Can someone help me on this? >>>>> >>>>> [1] >>>>> https://docs.wso2.com/display/IS500/SAML2+IdP+with+SimpleSAMLphp+Service+Provider >>>>> >>>>> Thanks, >>>>> >>>>> -- >>>>> Gimantha Bandara >>>>> Software Engineer >>>>> WSO2. Inc : http://wso2.com >>>>> Mobile : +94714961919 >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >> >> >> -- >> Gimantha Bandara >> Software Engineer >> WSO2. Inc : http://wso2.com >> Mobile : +94714961919 >> > > > > -- > Gimantha Bandara > Software Engineer > WSO2. Inc : http://wso2.com > Mobile : +94714961919 >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
