Thanks for your response. Now we can handle logout based on first one.
Also, if cookie is not enabled, infinite redirection is happening between Google Apps & IDP. Please advice? Venky On Feb 5, 2008 9:59 PM, Takashi MATSUO <[EMAIL PROTECTED]> wrote: > > Hi, > > IIRC, Google Apps doesn't have a SAML 2.0 Single Logout Service > capability. > So, when Sign out is clicked in Google page, Google just tell the > browser to redirect to the Logout URL. > > At present, Google never send any Logout Request to IDP. > Additionally, Google never receive any Logout Request nor Logout > Response from IDP. > > So, as a workaround, > > 1. when the Logout URL is requested by the browser, IDP should treat > it as if it contains Logout Request. > > 2. Probably, IDP can use the URL bellow when IDP should throw Logout > Request to Google. > https?://mail.google.com/a/example.com/logout > > > I know 1 works well, except some security problem. > I'm not sure if 2 works well or not. I've never tried that. > > I believe that it is the only way to implement Single Logout with > Google at present. > > Regards, > > On Feb 5, 2008 11:39 PM, Venkatesh p <[EMAIL PROTECTED]> wrote: > > Hi, > > > > We are able to successfully sign in to Google SSO Apps using SAML 2.0 > > assertion. > > > > But when Sign out is clicked in Google page, request from Google to > > identity provider is empty and not able to procees from here onwards. > > > > Please advice > > > > Venky > > > > > > > > > -- > Takashi Matsuo > [EMAIL PROTECTED] > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
