ComponentSpace

Forums



SLO Triggering Twice


SLO Triggering Twice

Author
Message
joel.white
joel.white
New Member
New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)

Group: Forum Members
Posts: 1, Visits: 5
We have an environment set up with a single IDP and two to three SPs. When logging in on one SP, navigating to another (who 'logs in'), returning to the first and attempting to initiate SLO, the SLO fires twice from the SP and the second SLO call fails, breaking the whole SLO.

I have the SAML trace and can email it.

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Yes, please email the SAML log file to [email protected] mentioning your forum post.

Regards
ComponentSpace Development
jonasbollou
jonasbollou
New Member
New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)New Member (1 reputation)

Group: Forum Members
Posts: 1, Visits: 3
Hi,
I'm having a similar issue, what did you do to fix it?

We have an environment set up with Okta as a single IDP and one (1) SP. We are able to log in on our SP and navigate the application. When we try to log out (we initiate SLO from SP), the SLO fires twice from the SP and the second SLO call fails, breaking the whole SLO. This will cause the current user to stay connected to Okta (The logout response status code indicates a failure but logout will continue). 

Regards,
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
I don't think this is the same issue. The log from the OP showed InitiateSLO being called twice by the application.

The log you've sent only shows a single call to InitiateSLO.

Okta is returning a urn:oasis:names:tc:SAML:2.0:status:AuthnFailed status in the logout response.

Please take a look at the Okta system log. Hopefully it has more specific information explaining why it’s returning this error status.

In our testing with Okta, we saw no issues with SP-initiated SLO. The issue you’re seeing might be configuration related.



Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search