Hi All,

I need to logout a user from our IDP's, for a session which doesn't
involve the access gateways. User browses to Service Provider ->
Redirected to IDP -> Login SAML2 token forwarded to SP -> User logs in,
and Eventually user Logs out -> Back to IDP.

The logout I'm directing to /nidp/app/logout, and this appears to be
then directed to the nidp.jsp, and then onto to logoutSuccess.jsp. The
user is logged out.

I now have a requirement, where after logout, I need to forward a user
back to their specific application login page. So I've tried appending a
query parameter into the logout /nidp/app/logout?app=salesforce for
example, but the query parameter is lost once hitting the nidp.jsp page.

I've tried request.getQueryString(), request.getParameter("app"),
request.getAttribute("app") but all values return null. If I direct the
logout to /nidp/app/nidp?app=salesforce, I can then see the Query String
values, but then I'm not directed over to logoutSucess.jsp.

I can retrieve the referrer value via request.getHeader("REFERER") in
the nidp.jsp, and then use this in the logoutSuccess.jsp to direct a
user as required, but the request.getHeader("REFERER") option returns
null for Internet Explorer, so it's not a working option.

What are others doing for situations like this?

gbatty1's Profile: https://forums.netiq.com/member.php?userid=2072
View this thread: https://forums.netiq.com/showthread.php?t=50719