Hi All,

Please consider the below scenario.

When the Federated IdP sends the logout request we have to log out the user
from the WSO2IS. The proposed POC is as follows.

- 1 & 4 are OAuth flows
- 2 & 3 are SAML flows

Participants of the discussion: Malithi, Thanuja and Dimuthu

For the POC we will do the following.

a) - At number 4 in the diagram, i.e. at the conclusion flow, we implement
a listener that would record the SAML session Index vs. session Id in an
appropriate data structure (for the POC it is a map). This handler will be
in the outbound SAML component.

b) - At number 5 in the diagram, i.e. when the logout request is received,
we wrap the request and response and send them over to our common-auth
servlet. Here, before invoking the common-auth servlet, we will retrieve
the session Id from the map (using the SAML Session Index) and set it in the
wrapper object.

@Thanuja and Malithi: Please add anything that I have missed. And also
appreciate code snippets for above (a) and (b).

After the POC implementation, we will have another review.

thank you,
Dimuthu

-- 
Dimuthu Leelarathne
Director, Solutions Architecture

WSO2, Inc. (http://wso2.com)
email: dimut...@wso2.com
Mobile: +94773661935
Blog: http://muthulee.blogspot.com

Lean . Enterprise . Middleware
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
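
One way to implement the map described in (a) and (b), added here as an example and not code from this thread or from WSO2 IS. The class and method names and the sample values are hypothetical, and the logout request is assumed to have been validated before the lookup.

```java
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical names throughout; this is not WSO2 IS code.
public class SamlSessionIndexStore {

    // SAML SessionIndex (issued by the federated IdP) -> local session Id.
    private final Map<String, String> sessionIdByIndex = new ConcurrentHashMap<>();

    // (a) Called by the listener at step 4, once the login flow concludes.
    public void record(String samlSessionIndex, String sessionId) {
        if (samlSessionIndex == null || samlSessionIndex.isEmpty()
                || sessionId == null || sessionId.isEmpty()) {
            throw new IllegalArgumentException("session index and session id are required");
        }
        sessionIdByIndex.put(samlSessionIndex, sessionId);
    }

    // (b) Called at step 5, before forwarding to the common-auth servlet.
    // Assumes the caller has already validated the LogoutRequest.
    // remove() is atomic, so a duplicate or replayed logout resolves to empty
    // and the map does not keep entries for sessions that have ended.
    public Optional<String> resolveForLogout(String samlSessionIndex) {
        if (samlSessionIndex == null) {
            return Optional.empty();
        }
        return Optional.ofNullable(sessionIdByIndex.remove(samlSessionIndex));
    }

    public static void main(String[] args) {
        SamlSessionIndexStore store = new SamlSessionIndexStore();
        // Constructed sample values.
        store.record("_idx-1234", "local-session-abcd");

        // First logout yields the session Id to set on the request wrapper.
        System.out.println(store.resolveForLogout("_idx-1234"));
        // A duplicate logout and an unknown index both yield nothing,
        // so no local session is terminated for them.
        System.out.println(store.resolveForLogout("_idx-1234"));
        System.out.println(store.resolveForLogout("_idx-unknown"));
    }
}
```

An in-memory map is local to one node and lost on restart, which matches the POC scope stated in (a).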
