-
1. Re: Logout issue with ADFS 2.0 as the IDP
ryanfernandes Sep 19, 2011 5:33 AM (in response to ryanfernandes){bump}
Well, I just noticed that the logout request generated by picketlink contains an Issuer, but does not contain a NameID or a SessionIndex.
(I'm curious because NameID/EncryptedID/BaseID is mandatory)
Is this as it should be or have I missed something?
-
2. Re: Logout issue with ADFS 2.0 as the IDP
afzal34 Apr 6, 2012 5:52 PM (in response to ryanfernandes)Ryan did picket link solve this problem. I am using opensso and running into same issue
-
3. Re: Logout issue with ADFS 2.0 as the IDP
ryanfernandes Apr 10, 2012 1:45 AM (in response to afzal34)As of version 2.0.1 this was not resolved. We used a workaround specific to our scenario to achieve this.
We invalidated the user session of the current application and hit a ADFS2-specific url to single-sign-out.
Something along the lines of:
logout.jsp {
<%session.invalidate();%>
<html>
<head>
<meta http-equiv="refresh" content="0;url=https://my.adfs2.server/adfs/ls/?wa=wsignout1.0" />
</head></html>
}
If the latest version doesn't work for you, you could try something similar for opensso (based on your specific scenario ofcourse).