Add single log-out integration

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Log out on Drupal site directly
2. Go to WordPress site, which has SLO support
3. Still logged into WordPress because WordPress is on it's own installation of 
SSP, not the same one as the IdP.

What is the expected output? What do you see instead?

Expected to get logged out of WP. In other words, $as->isAuthenticated() should 
fail.

What version of the product are you using? On what operating system?

Latest version. Configured and working on Drupal site.

Please provide any additional information below.

Not logging into Drupal site with SSP because it *is* the IdP. But I can set up 
an SP for it as long as this won't make it too hard for things to work for my 
existing Drupal users.

Original issue reported on code.google.com by kevin.kaland on 15 Dec 2012 at 10:14

[GoogleCodeExporter]

Which authentication source are you using? (UserPass.php or External.php)
Which version of Drupal? (6 or 7)

Original comment by smoit...@gmail.com on 16 Dec 2012 at 12:12

[GoogleCodeExporter]

External.php, Drupal 7. Thanks for the quick reply!

(Is there an IRC channel for SSP? :))

Original comment by kevin.kaland on 16 Dec 2012 at 10:46

[GoogleCodeExporter]

I suspect the issue is with the WordPress integration. Here's what I would do 
to test it:
1) Go to the SimpleSAMLphp SP installation page (the one for WordPress)
2) Under the Authentication Tab, click "Test configured authentication sources"
3) Click on the SP (default-sp?) that is connected to the the IdP that uses 
drupalauth
4) When presented with the Drupal login page, login
5) Return to the Drupal site and logout of Drupal
6) Repeat steps 2 and 3, if you are presented with the Drupal login page then 
drupalauth and the two instances of SimpleSAMLphp are working fine, it's the 
WordPress plugin

Original comment by smoit...@gmail.com on 18 Dec 2012 at 5:22

[GoogleCodeExporter]

Oh, I have actually already done that I realized. What I am really asking
is how to make the plugin support it. What function should it call to ask
the SP to determine if we are logged in or not so that it can log the user
out on the next WP page load?

Original comment by kevin.kaland on 6 Jan 2013 at 6:42

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

I'm facing the same Issue Kevin, did you solve the problem? It's possible to 
logout sp when i logout from idp?

Original comment by brun...@ciandt.com on 25 Feb 2014 at 4:53

[GoogleCodeExporter]

Same here. When logging out of the drupal site after doeing steps 1 to 5, and 
wanting to do step 6, i am already logedin when pressing the SP link in step 3.

Original comment by skrzype...@gmail.com on 15 May 2014 at 12:14

[GoogleCodeExporter]

For me it is fixed. The logout link in the SimpleSAML interface was wrong it 
had:
url?as=default-sp?as=default-sp&logout
instead of:
url?as=default-sp&logout

I am using nginx, and had some more issues; the following fixes it: 
https://github.com/HTML24/WAYF/wiki/Frequent-Errors-List
public static function selfURLNoQuery() {
    $url = self::selfURL();
    $url = strtok($url, '?');
    return $url;
}

More reading: 
https://groups.google.com/forum/?fromgroups=#!topic/simplesamlphp/EERTQ5zvQsA

Original comment by skrzype...@gmail.com on 15 May 2014 at 1:30

[GoogleCodeExporter]

But doesn't SAML support logging out of SP users when IdP is logged out? It 
cannot be so that the SP application has to check the IdP on every page load if 
the user is logged in or not in IdP, major performance issues with that.

Also logging out in one SP should trigger logout on all other SPs which the IdP 
is aware of. Does this module support that? Or should the toolkit take care of 
it when it receives a logout request from any SP application?

Original comment by joonas.m...@wunderkraut.com on 8 Aug 2014 at 7:57