Hi, IIRC, Google Apps doesn't have a SAML 2.0 Single Logout Service capability. So, when Sign out is clicked in Google page, Google just tell the browser to redirect to the Logout URL.
At present, Google never send any Logout Request to IDP. Additionally, Google never receive any Logout Request nor Logout Response from IDP. So, as a workaround, 1. when the Logout URL is requested by the browser, IDP should treat it as if it contains Logout Request. 2. Probably, IDP can use the URL bellow when IDP should throw Logout Request to Google. https?://mail.google.com/a/example.com/logout I know 1 works well, except some security problem. I'm not sure if 2 works well or not. I've never tried that. I believe that it is the only way to implement Single Logout with Google at present. Regards, On Feb 5, 2008 11:39 PM, Venkatesh p <[EMAIL PROTECTED]> wrote: > Hi, > > We are able to successfully sign in to Google SSO Apps using SAML 2.0 > assertion. > > But when Sign out is clicked in Google page, request from Google to > identity provider is empty and not able to procees from here onwards. > > Please advice > > Venky > > > -- Takashi Matsuo [EMAIL PROTECTED] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
