Closed IncoFB closed 2 years ago
The library does not support back-channel single logout. As you've figured out, that would require server-side session storage instead of just cookies. To implement it would be a major effort.
Hello Anders, Thanks for tour answer. Finally I came to terms. My question was rather about how to hook code to existing notifications for reacting at server-side on SAML session finalizations. Googling helped me find out that the right place was in this event handler : Sustainsys.Saml2.Configuration.Options.FromConfiguration.Notifications.LogoutResponseCreated
I managed here to get the SAML session (from request param property), even on backchannel calls, such as to release ou session data attached to the saml session at login time...
Hello,
I managed to set up an ASP.NET web application with sustainsys with SAML2 authentication. I imported the sustainsys nuget package and configured everything in app's web.config file. Everything works as expected, including front-channel SLO.
Now trying to find a way to perform backchannel SLO (either IDP or SP initiated) As incoming "server-to-server" SLO calls are not relayed by any web browser, we are supposed to register SAML sessions somewhere (like in application cache) for maintaining a list of "invalid sessions". Also, in my application I would like to remove third-party cookies and session variables for a clean logout. This means we have to write additional server-side code for this logic. But having no idea where to hook that logic in the sustainsys SAML client, and I found no sample code for this.
Could you help, please ?
Thanks in advance