Hi John, Since we verify the request parameters with the cookie, we need to see whether something has happened in that verification. SSO tracer will help in this issue. Can you please add the sso tracer plugin to the firefox, if you haven't already. ( You can refer [1] if needed). Please take the sso tracer and send the SAML requests and responses. It will be really helpful to come to the final decision about what is really going under. Also note that IdP initiated SLO option is given from IS 5.1.0. IS 5.0.0 has Enable IdP initiated SSO only. Which version did you try exactly?
[1] https://ping.force.com/Support/PingOne/PingOne-General/PingOne-How-do-I-use-SSO-Tracer-SAML-Tracer-and-Live-HTTP-Headers-to-Troubleshoot-PingOne-Issues Thanks. On Mon, Nov 16, 2015 at 3:53 PM, John Lee <[email protected]> wrote: > Just to mention that I'm proxying re-directs with apache web servers at > both domains. So requests from primary to secondary go through apache web > server in the secondary domain, and responses from the secondary are > proxied through the web server of the primary domain. In the example > provided in the documentation both identity servers are communicating > directly. ( > https://docs.wso2.com/display/IS500/Connecting+Two+Identity+Servers+with+SAML+SSO > ) > > I'll first provide some more debug level logs captured immediately after > the logout operation, and then I'll outline my configuration. > > Logs at Primary IS > ============== > TID: [0] [IS] [2015-11-16 09:49:53,918] DEBUG > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query > string : > slo=true&spEntityID=https%3A%2F%2Fservices.firecrestclinical.com%2Fsp%2Ffcp > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} > TID: [0] [IS] [2015-11-16 09:49:53,920] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > - Session Data removing Task is started to run > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > TID: [0] [IS] [2015-11-16 09:49:53,923] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > - Session Data persisting Task is started to run > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > TID: [0] [IS] [2015-11-16 09:49:53,934] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - retrieving authentication request from cache.. > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,934] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} > - > Inbound Request parameters: > commonAuthCallerPath={%2Fsamlsso} > commonAuthLogout={true} > relyingParty={https://services.firecrestclinical.com/sp/fcp} > slo={true} > spEntityID={https://services.firecrestclinical.com/sp/fcp} > {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} > TID: [0] [IS] [2015-11-16 09:49:53,934] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Initializing the flow > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,934] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Framework contextId: 02df94c5-8b91-40d5-b3b3-02c87eeeded4 > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,934] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Starting a logout flow > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,936] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - commonAuthId cookie is available with the value: > 6fd45432-66a9-45ee-9a4c-bdb53b4a9f62 > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Service Provider is: firecrest_sp > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - A previously authenticated sequence found for the SP: firecrest_sp > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Already authenticated by username: > User-395372cd-3919-46af-967f-6a28633d442b > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Outbound Query String: > commonAuthCallerPath=%252Fsamlsso&commonAuthLogout=true&relyingParty=https%3A%2F% > 2Fservices.firecrestclinical.com > %2Fsp%2Ffcp&slo=true&spEntityID=https%3A%2F% > 2Fservices.firecrestclinical.com > %2Fsp%2Ffcp&type=samlsso&sessionDataKey=02df94c5-8b91-40d5-b3b3-02c87eeeded4&relyingParty= > https://services.firecrestclinical.com/sp/fcp&type=samlsso&sp=firecrest_sp&isSaaSApp=false > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} > - Trying to find the IdP for name: exostar_idp > {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} > TID: [0] [IS] [2015-11-16 09:49:53,937] DEBUG > {org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} - Cache entry found for > Identity Provider exostar_idp > {org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO} > TID: [0] [IS] [2015-11-16 09:49:53,938] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} > - A registered IdP was found > {org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade} > TID: [0] [IS] [2015-11-16 09:49:53,942] DEBUG > {org.wso2.carbon.identity.application.authenticator.samlsso.manager.DefaultSAML2SSOManager} > - SAML Request : <?xml version="1.0" encoding="UTF-8"?> > <saml2p:LogoutRequest Destination=" > https://validation-testing.firecrestclinical.com/samlsso"; > ID="pegdphndejdlofffmmdhdjcjjdjgjkmkcppagnkf" > IssueInstant="2015-11-16T09:49:53.938Z" > NotOnOrAfter="2015-11-16T09:54:53.938Z" Reason="Single Logout" > Version="2.0" > xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">firecrest > IS</saml2:Issuer><saml2:NameID > Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">[email protected]</saml2:NameID><saml2p:SessionIndex>f19b7270-c61a-40b1-8e2a-fd9113a983fb</saml2p:SessionIndex></saml2p:LogoutRequest> > {org.wso2.carbon.identity.application.authenticator.samlsso.manager.DefaultSAML2SSOManager} > > > Logs at Secondary IS > ================= > TID: [0] [IS] [2015-11-16 09:49:28,010] DEBUG > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query > string : > SAMLRequest=nZLLTsMwEEX3fIXlvds4baGxmgBShRSJh0QLC3auH6nTxA4eF8HfE6eU14IFG8se37m6PuPF%2BWvboBflwTibYzpKMFJWOGlsleOH9RWZ4%2FPiZAG8bdKOXbvK7cO9et4rCGjZL8byMLRuQ%2BiAjccvvDFyqJEw3FcjbbwSvj%2BIxlgjeDMSrh1HSwCHUbnMcacq2W2tVLVsnNa6beVW1qKuZV3Vu3Ynuo5Xdqd7NcBelRYCtyHHaUJnhFJCT9dJxqYZm01G2WT%2BhNGtC3f2zl%2FqoPxv3Wz6pbtXHGL%2BVZ%2B0UejwQowej0jSiKSHZIEdIOR47y1zHAwwy1sFLAi2ury5Zr2Udd4FJ1yDiwMzNuT13x3%2BNuAAykd8uPjkhsrVYvzd7mh%2B27eXS3TlfMvD376xYiTRg5QpG0x4w%2F%2BKFceazi60iJs4ymO2Q5ri%2BFlWCiLCsp%2Fqa6FptjlLzxIiTikn02RDyVylnGiZUTrh2XyiNx8%2Bvzo%2Fqz8%2BX%2FEO&RelayState=02df94c5-8b91-40d5-b3b3-02c87eeeded4&SigAlg=http%3A%2F% > 2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=pjRSvOApLwHb1%2BZ6dcwJmY62zXAaKobHe%2F7%2FjCKCxknfeUnOuUfkwKtKrEubezGjSGjrF%2FatJ91lU3vLNVfO4jkzX0Nl%2FEcNbe7ITH%2FeZYVjS1VdXnAj7amoI%2FAAZ1cRrXQ2NDwZuUHDsLO9dWy4JrSYeiZzMpJKweBeKsSh%2BWiyq0c2%2Bju96xFJ4c1U3IdmcY1jyxphh1%2FQQxSsB2w8WS70cNH3sXgMVZb8Ke%2BvbG%2Fkm%2Fb%2B0gJGQx8HFZ8pGKOoC70ih0p%2FvwBNhAFhJsqJVpuW0lpPtto99fwBN%2FOIr9Qqgdr7I9%2Bgs%2BAOI88j0rqOotGZjmgrdPB1rOaLMU8ghA%3D%3D > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} > TID: [0] [IS] [2015-11-16 09:49:28,011] DEBUG > {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Request message > <?xml version="1.0" encoding="UTF-8"?> > <saml2p:LogoutRequest Destination=" > https://validation-testing.firecrestclinical.com/samlsso"; > ID="pegdphndejdlofffmmdhdjcjjdjgjkmkcppagnkf" > IssueInstant="2015-11-16T09:49:53.938Z" > NotOnOrAfter="2015-11-16T09:54:53.938Z" Reason="Single Logout" > Version="2.0" > xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">firecrest > IS</saml2:Issuer><saml2:NameID > Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">[email protected]</saml2:NameID><saml2p:SessionIndex>f19b7270-c61a-40b1-8e2a-fd9113a983fb</saml2p:SessionIndex></saml2p:LogoutRequest> > {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} > TID: [0] [IS] [2015-11-16 09:49:28,023] ERROR > {org.wso2.carbon.identity.sso.saml.processors.LogoutRequestProcessor} - > Session index value not found in the request > {org.wso2.carbon.identity.sso.saml.processors.LogoutRequestProcessor} > TID: [0] [IS] [2015-11-16 09:49:28,032] DEBUG > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - > Invalid SAML SSO Logout Request > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} > TID: [0] [IS] [2015-11-16 09:49:28,033] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > - Session Data persisting Task is started to run > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > TID: [0] [IS] [2015-11-16 09:49:28,033] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > - Session Data removing Task is started to run > {org.wso2.carbon.identity.application.authentication.framework.store.SessionDataPersistTask} > TID: [0] [IS] [2015-11-16 09:49:28,108] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - retrieving authentication request from cache.. > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:28,108] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} > - > Inbound Request parameters: > RelayState={02df94c5-8b91-40d5-b3b3-02c87eeeded4} > > SAMLRequest={nZLLTsMwEEX3fIXlvds4baGxmgBShRSJh0QLC3auH6nTxA4eF8HfE6eU14IFG8se37m6PuPF+WvboBflwTibYzpKMFJWOGlsleOH9RWZ4/PiZAG8bdKOXbvK7cO9et4rCGjZL8byMLRuQ+iAjccvvDFyqJEw3FcjbbwSvj+IxlgjeDMSrh1HSwCHUbnMcacq2W2tVLVsnNa6beVW1qKuZV3Vu3Ynuo5Xdqd7NcBelRYCtyHHaUJnhFJCT9dJxqYZm01G2WT+hNGtC3f2zl/qoPxv3Wz6pbtXHGL+VZ+0UejwQowej0jSiKSHZIEdIOR47y1zHAwwy1sFLAi2ury5Zr2Udd4FJ1yDiwMzNuT13x3+NuAAykd8uPjkhsrVYvzd7mh+27eXS3TlfMvD376xYiTRg5QpG0x4w/+KFceazi60iJs4ymO2Q5ri+FlWCiLCsp/qa6FptjlLzxIiTikn02RDyVylnGiZUTrh2XyiNx8+vzo/qz8+X/EO} > SigAlg={http://www.w3.org/2000/09/xmldsig#rsa-sha1} > > Signature={pjRSvOApLwHb1+Z6dcwJmY62zXAaKobHe/7/jCKCxknfeUnOuUfkwKtKrEubezGjSGjrF/atJ91lU3vLNVfO4jkzX0Nl/EcNbe7ITH/eZYVjS1VdXnAj7amoI/AAZ1cRrXQ2NDwZuUHDsLO9dWy4JrSYeiZzMpJKweBeKsSh+Wiyq0c2+ju96xFJ4c1U3IdmcY1jyxphh1/QQxSsB2w8WS70cNH3sXgMVZb8Ke+vbG/km/b+0gJGQx8HFZ8pGKOoC70ih0p/vwBNhAFhJsqJVpuW0lpPtto99fwBN/OIr9Qqgdr7I9+gs+AOI88j0rqOotGZjmgrdPB1rOaLMU8ghA==} > commonAuthCallerPath={%2Fsamlsso} > commonAuthLogout={true} > {org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils} > TID: [0] [IS] [2015-11-16 09:49:28,109] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Initializing the flow > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:28,109] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Framework contextId: 076e7853-3b12-46e7-b1d8-1b96b75139a2 > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:28,109] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - Starting a logout flow > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:28,109] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > - relyingParty param is null. This is a possible logout scenario. > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} > TID: [0] [IS] [2015-11-16 09:49:28,111] DEBUG > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultLogoutRequestHandler} > - Sending response back to: /samlsso... > commonAuthLoggedOut: true > sessionDataKey: 6d05e72f-d8c2-4e25-883c-bca06ef649b9 > {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultLogoutRequestHandler} > TID: [0] [IS] [2015-11-16 09:49:28,139] DEBUG > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query > string : sessionDataKey=6d05e72f-d8c2-4e25-883c-bca06ef649b9 > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} > TID: [0] [IS] [2015-11-16 09:49:28,141] WARN > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - > Redirecting to default logout page due to a invalid logout request > {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} > > Configuration of Secondary IDP in primary IS > =================================== > Identity Provider Name = exostar_idp > Home Realm Identifier = validation-testing.firecrestclinical.com > Enable Assertion Encryption = true > Enable Logout = true > Enable Logout request Signing = true > SSO URL = https://validation-testing.firecrestclinical.com/samlsso (i.e. > shall be proxied by apache to WSO2 Secondary IS) > Logout URL = https://validation-testing.firecrestclinical.com/samlsso > (i.e. shall be proxied by apache to WSO2 Secondary IS) > Enable Response Signing = true > Enable Assertion Signing = true > Enable Request Signing = true > SAML2 Web SSO User Id Location = false > Identity Provider Entity Id = exostar IDP > HTTP Binding = redirect > Service Provider Entity Id = firecrest IS > > The I have a federated authenticator configured for the service provider > to allow a user to login via the secondary IDP. > > Configuration of resident identity provider in secondary IS > ============================================ > Home Realm Identifier = validation-testing.firecrestclinical.com > Identity Provider ID = > https://validation-testing.firecrestclinical.com/idp/fcp > SSO URL = https://validation-testing.firecrestclinical.com:443/samlsso > Logout URL = https://validation-testing.firecrestclinical.com:443/samlsso > > Configuration of service provider in secondary IS > ===================================== > Service Provider Name = firecrest_idp > Assertion Consumer URL = > https://automated-testing.firecrestclinical.com/commonauth > Enable Response Signing = true > Enable Assertion Signing = true > Enable Assertion Encryption = true > Enable Signature Validation in Authentication Requests and Logout Requests > = true > Enable Single Logout = true (no custom URL provided) > Enable Attribute Profile = true > Include Attributes = true > Enable Idp Initiated SSO/SLO = true > > Thanks, > //John. > > > On Sun, Nov 15, 2015 at 11:11 AM, Chamara Philips <[email protected]> > wrote: > >> Hi John Lee, >> >> I tried exactly the same way as yours with the IS 5.0.0 service pack. I >> don't get such an error. Can you please provide the configurations of the >> Identity Provider in the primary? Better if you can provide the log in the >> primary at the same-time. >> >> Thanks. >> >> On Fri, Nov 13, 2015 at 9:41 PM, John Lee <[email protected]> wrote: >> >>> I have a primary and secondary IS configuration same as >>> https://docs.wso2.com/display/IS500/Connecting+Two+Identity+Servers+with+SAML+SSO >>> . >>> I login via secondary IDP. Then I issue IDP initiated logout. A logout >>> request is then sent from the primary to the secondary, but then the >>> secondary logs the following error: >>> >>> TID: [0] [IS] [2015-11-13 12:56:56,011] DEBUG >>> {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} - Query >>> string : >>> SAMLRequest=nZJfT8MgFMXf%2FRSE9279Y91G1k6TxaSJzsROH3yjFDqUQuWyZX57S%2Bfm9MEHXwhczj05%2FC7zxb5VaMctSKMzHI1CjLhmppa6yfDT%2BjaY4kV%2BMQfaqrgjd6YxW%2FfI37ccHFr2i9TUDa0b5zog4%2FGOKlkPtcAN981ISMuZ7Q9MSS0ZVSNm2rG3BDAYFcsMq7rrRKuaTjVC6uptI0TFuN6YttnU7FVWVSOp1G2vBtjyQoOj2mU4DqM0iKIgStZRTNIrkiSjy0n0gtHKuAf9YG%2BE4%2FanLiFh9K175BR8%2FrJPqjg6vBCj5yOS2CPpIWkgBwgZ3lpNDAUJRNOWA3GMlDf3d6SXks4aZ5hROD8wI0Nee%2B7wtwEF4Nbjw%2FmJGyrK%2Bfjc7mi%2B6tuLJbo1tqXub19fkXUgBinh2kn3gf8Vy481Tq8F8xs%2FymO2Q5r8%2BFlKDh5hoWu%2Bz0VazcI0ZMEsjKfBJetnUcUsCcSMT2pWx9NZGH75%2FOo8VX98vvwT&RelayState=fa32a09d-718b-4342-8eb0-11f6ba8a0074&SigAlg=http%3A%2F% >>> 2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=QwEOj%2BQoPXAJscKV9%2BEVcvR%2FqzGr7IPs%2FlTsMIIK8PP0mCDGOKgwVZ96zVv2jZtYyhjMIzVvQRx8x6kJG6RNtrnkbfakHtMJE6WuB8I9IX%2B6cGoJ47RBh79WxjN8EVjOpn9BX%2BGIXdK5ds8ZkP9KGQ80Nj3BfHxHlbhJ4QKSSOwtBrlZm7oPFQjpEuMHHHnLihaaQbSLrLk%2FdwfMHgfdqxayU9nJs31Ay1lT4fiIuCM2WDZc%2BBd4m0Lc8fdGgOYgEUoIby511pRck17Za6x%2B8x2bQgNLhilmcx >>> i5aEvZPx66FD799Fzxz3qIFOBr%2FDw%2Fieq3emGMWbx%2FQRLuAPfOSQ%3D%3D >>> {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} >>> >>> TID: [0] [IS] [2015-11-13 12:56:56,012] DEBUG >>> {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} - Request message >>> <?xml version="1.0" encoding="UTF-8"?> >>> <saml2p:LogoutRequest Destination= >>> "https://validation-testing.firecrestclinical.com/samlsso"; >>> <https://validation-testing.firecrestclinical.com/samlsso> >>> ID="ldppfmlgplgfinbkhffbcenhomghdcjibbgiainm" >>> IssueInstant="2015-11-13T12:56:33.471Z" >>> NotOnOrAfter="2015-11-13T13:01:33.471Z" Reason="Single Logout" >>> Version="2.0" >>> xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer >>> xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">firecrest >>> IS</saml2:Issuer><saml2:NameID >>> Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" >>> xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">[email protected]</saml2:NameID><saml2p:SessionIndex>f5b9050c-9028-4c11-b2c3-f9e7dcd28900</saml2p:SessionIndex></saml2p:LogoutRequest> >>> {org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil} >>> >>> TID: [0] [IS] [2015-11-13 12:58:43,668] ERROR >>> {org.wso2.carbon.identity.sso.saml.processors.LogoutRequestProcessor} - >>> Session index value not found in the request >>> {org.wso2.carbon.identity.sso.saml.processors.LogoutRequestProcessor} >>> >>> You can see the session index in the message so why does the >>> LogoutRequestProcessor say the session was not found in the request? >>> After downloading the source and attempting to debug I cannot find the >>> corresponding source code for the LogoutRequestProcessor log message? >>> Do you have any ideas on this problem? >>> >>> Also worth mentioning that the when receiving the Logout request, the >>> SAML2 token Id is null when trying to read the cookie from request. >>> However, this cookie was in my browser when logging out? >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Hareendra Chamara Philips >> *Software Engineer* >> Mobile : +94 (0) 767 184161 <%2B94%20%280%29%20773%20451194> >> [email protected] <[email protected]> >> >> > -- Hareendra Chamara Philips *Software Engineer* Mobile : +94 (0) 767 184161 <%2B94%20%280%29%20773%20451194> [email protected] <[email protected]>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
