iv-enovation
commented
3 years ago Hi It should be possible to implement a frontchannel SLO via the Moodle plugin - to include a textarea for SLO URLs in the plugin configuration and then open all the URLs from it on the plugin's logout page in iframes. A tiny issue with this approach is that the SLO URLs will have to logout users without issuing any redirects, and given Moodle-Moodle integration, an SP Moodle is not really able to do so On the other hand, SimpleSAMLphp might include own SLO mechanisms, that is still to be investigated
Hi!
You mention in the README that "If a user logs out from Moodle, it will not log them out from their SP application. The logout process is one-directional, from the SP app to Moodle". On the other hand, SAML defines a Single Logout process so that logging out from the IdP provokes a log out on the SPs as well.
Have you investigated what's needed to implement Single Logout? Are there any reasons that make it impossible? If it's just a matter of getting the work done, I might be able to work on a pull request.