Skip to content

Configuring SLO Request URL in front channel logout for tenant environment. [IS 5.9.0 - 5.10.0] #1921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
SiluniPathirana opened this issue Jul 29, 2020 · 0 comments
Open

Configuring SLO Request URL in front channel logout for tenant environment. [IS 5.9.0 - 5.10.0] #1921

SiluniPathirana opened this issue Jul 29, 2020 · 0 comments

Comments

@SiluniPathirana
Copy link

SiluniPathirana commented Jul 29, 2020
edited
Loading

In the documentation [1] following mentioned SLO request URL is incorrect.

SLO Request URL ; "http:/localhost:8080/identity/saml/slo"

It should be corrected as

SLO Request URL ; "http:/<IS_HOSTNAME>:<IS_PORT>/identity/saml/slo"

ex:

SLO Request URL ; "http:/localhost:9443/identity/saml/slo"

And we need to include the configuration for multi tenant environment as well. For tenants the SLO request URL should be as follows

"http://apim.com:9443/t/<tenant_domain>/identity/saml/slo"

And in the <IS_HOME>/repository/conf/deployment.toml the configs should be configured as follows

[[resource.access_control]]
context="(.*)/identity/saml/slo(.*)"
secure="false"
http_method="all"

[1] https://is.docs.wso2.com/en/latest/learn/handling-saml-single-logout-requests-from-federated-identity-providers/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SiluniPathirana