Forums, Documentation & Knowledge Base - ComponentSpace

IsSSO call returns True after successful logout from identity provider


https://www.componentspace.com/forums/Topic12324.aspx

By nnakova - 1/12/2023

We have an SSO service provider implementation which supports SLO. After the SAML logout request has been processed by the identity provider and the identity provider redirects back to our application, we call SAMLServiceProvider.IsSSO(partnerIdP) as a way to verify whether the logout succeeded. If IsSSO returns true (i.e. we are still single signed on with the identity provider) we show a message that the logout did not succeed.

This implementation used to work until we upgraded to version 6.0 of ComponentSpace. But starting with version 6.0, and now also in 6.1, after a successful logout from the identity provider, when we call IsSSO it always returns true. This is causing our application to incorrectly report that the logout did not succeed.

Shouldn't IsSSO return false if we have successfully logged out from the identity provider and our application has processed the SLO response?

I am attaching the SAML Trace log file for a simple test: login to the identity provider followed by logout.
By ComponentSpace - 1/18/2023

Thanks for the confirmation.