4:14 a.m.
Hi SATOSA users,
Currently, we are working on SSO project which is Zoom SSO service.
We use SATOSA proxy in order to connect with our identity federation (one-to-many type),
and we have already implemented single sign-on (SSO) service and it's working, however
we still require single logout service (SLO).
We couldn't find any SATOSA configuration regarding to SLO from SATOSA documentation.
Without SLO, although user has already selected and clicked log out from Zoom, the session
still there, otherwise user requires to clear the browser cache.
Could you explain to us, how to implement SLO in SATOSA?
Thank you.
----------------
Best regards,
Mr. Ferdy Mulyadi
Research Assistant
Internet Innovation Research Team (INO - CNWRG)
National Electronics and Computer Technology Center (NECTEC)
National Science and Technology Department Agency (NSTDA)
Thailand Science Park (TSP) - 112 Phaholyothin Rd., Khlong Nueng, Khlong Luang
Pathum Thani, THAILAND
________________________________
Disclaimer:
This e-mail and any files transmitted with it may contain confidential and proprietary
information of the National Science and Technology Development Agency (NSTDA), Thailand.
They are intended solely for the use of the addressed individuals or entities. If you are
not the intended recipient, you are required to immediately delete this e-mail and its
contents from your system. Any disclosure, distribution, or action based upon the contents
of this e-mail is strictly prohibited. Any views or opinions presented in this e-mail are
solely those of the sender and do not necessarily represent those of NSTDA. NSTDA does not
accept any responsibility for the content of this message or the consequences of any
actions taken on the basis of the information provided. NSTDA accepts no liability for any
damage caused by any virus or malware which may be inserted in this e-mail during
transmission.
10:18 a.m.
Hi Ferdy,
I created an issues regarding this topic, here:
https://github.com/IdentityPython/SATOSA/issues/211
I faced this problem in the past, as you can read the endpoint
registration, even if it takes from configuration a single logout service,
only handles an authn_request.
I don't know when this behaviour would be extended to handle also SLO, Ivan
(c00kiemon5ter) told me to do a PR with a proposal but actually I faced
this problem forcing ForceAuthn to the Satosa SAML2 Backend. If you would
like to go more in the deep and make a PR I'll follow you in this with
tests and things.
Il giorno lun 10 feb 2020 alle ore 09:57 Ferdy Mulyadi <
ferdy.mul at ncr.nstda.or.th> ha scritto:
Hi SATOSA users,
Currently, we are working on SSO project which is Zoom SSO service.
We use SATOSA proxy in order to connect with our identity federation
(one-to-many type), and we have already implemented single sign-on (SSO)
service and it’s working, however we still require single logout service
(SLO).
We couldn’t find any SATOSA configuration regarding to SLO from SATOSA
documentation.
Without SLO, although user has already selected and clicked log out from
Zoom, the session still there, otherwise user requires to clear the browser
cache.
Could you explain to us, how to implement SLO in SATOSA?
Thank you.
----------------
Best regards,
Mr. Ferdy Mulyadi
Research Assistant
Internet Innovation Research Team (INO - CNWRG)
*National Electronics and Computer Technology Center (NECTEC)*
*National Science and Technology Department Agency (NSTDA)*
*Thailand Science Park (TSP) - **112 Phaholyothin Rd., Khlong Nueng,
Khlong Luang*
*Pathum Thani, THAILAND*
------------------------------
Disclaimer:
This e-mail and any files transmitted with it may contain confidential and
proprietary information of the National Science and Technology Development
Agency (NSTDA), Thailand. They are intended solely for the use of the
addressed individuals or entities. If you are not the intended recipient,
you are required to immediately delete this e-mail and its contents from
your system. Any disclosure, distribution, or action based upon the
contents of this e-mail is strictly prohibited. Any views or opinions
presented in this e-mail are solely those of the sender and do not
necessarily represent those of NSTDA. NSTDA does not accept any
responsibility for the content of this message or the consequences of any
actions taken on the basis of the information provided. NSTDA accepts no
liability for any damage caused by any virus or malware which may be
inserted in this e-mail during transmission.
_______________________________________________
satosa-users mailing list
satosa-users at lists.sunet.se
https://lists.sunet.se/listinfo/satosa-users
--
____________________
Dott. Giuseppe De Marco
CENTRO ICT DI ATENEO
University of Calabria
87036 Rende (CS) - Italy
Phone: +39 0984 496961
e-mail: giuseppe.demarco at unical.it
1733
days inactive
1739
days old
1 comments
2 participants
participants (2)
-
ferdy.mul@ncr.nstda.or.th -
giuseppe.demarco@unical.it