Hi, I am working on the *SP initiated single logout* in identity server, when *Spring Security SAML extension* is involved.
In this scenario, a *back-channel request* has to be sent to the Spring Security SAML Single Logout endpoint from the identity server. The issue is in identifying the necessary format of the back-channel logout request that needs to be sent from the IS to the Spring Security SAML application. I've tried sending requests in the following [1] and [2] formats, but received failed single logout responses with status codes [3] and [4] respectively. I've herewith attached the requests which have been tested in IS.

Really appreciate any help on identifying the proper format.

[1] SAML :

    <saml2p:LogoutRequest>
        <saml2:Issuer>...</saml2:Issuer>...
    </saml2p:LogoutRequest>

[2] SAML SOAP binding :

    <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
        <SOAP-ENV:Body>
            <saml2p:LogoutRequest>
                <saml2:Issuer>...</saml2:Issuer>...
            </saml2p:LogoutRequest>
        </SOAP-ENV:Body>
    </SOAP-ENV:Envelope>

[3] Response : Moved Temporarily, Status Code : 302
[4] Response : Internal Server Error, Status Code : 500

Reference :
http://docs.spring.io/spring-security-saml/docs/current/reference/html/chapter-quick-start.html
https://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf

Thanks and Regards
--
Indunil Upeksha Rathnayake
Software Engineer | WSO2 Inc
Email [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
