search

omniauth / omniauth-saml

A generic SAML strategy for OmniAuth
https://github.com/omniauth/omniauth-saml
Other
329 stars 205 forks source link

Errors in IdP initiated logout #205

Open saranya-sanju opened 2 years ago

saranya-sanju commented 2 years ago

I'm using Rails 5.2 with Devise and Azure AD for SSO, Sign in process and SP initiated logout is working fine.

For IdP initiated logout, the user is not logged out of the session. The session["saml_uid"] is returning as nil and validate_signature is returning as false.

While accessing the session during LogoutRequest, facing the below issue

#<ActionDispatch::Request::Session:0x7fb410fbc388 not yet loaded>

I have the provided the below credentials for integrating Rails with Azure using omniauh-saml, assertion_customer_service_url, idp_sso_target_url, idp_slo_target_url, idp_cert_fingerprint, issuer, slo_default_relay_state

Can you please help in getting the Rails session logged out while logging out in Azure?

bschrag commented 7 months ago

I too am facing a similar issue with Azure. When the slo request comes in from Azure, the session is empty. Perhaps this is an issue on Azure's end. I also have the issue with the SloLogoutrequest being invalid. Specifically, the error states that the certificate is invalid.