I have set up a Web SSO for a new SP using POST binding. The whole SSO
flow works as expected:

User signs into our portal > clicks on the SP link > user gets access >
then once the user is done using the resource > user clicks on the sign out
link from the SP resource > user gets directed to our /AGlogout page

On the /AGlogout page we have a link for the user if they want to log
back into the portal. When the user clicks on that login
link they get access without having to authenticate. This is a problem
because it looks like the web SSO session is still alive, when it should
have been killed / cleared after the user logged out.

The SP does support SLO, as seen in the following entry in their
metadata:

SingleLogoutService
Binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
Location = https://idpprovidername.serviceprovi...Out/SamlLogout

Any advice or recommendation on how I can kill the session on the IdP side
would be appreciated.

We are on NAM Version 4.0.1-88 + HF1-93

Thank you
Hassan


--
hrquibi
View this thread: https://forums.netiq.com/showthread.php?t=55824