Menu
▾
▴
[Unity-idm-discuss] configure SLO
|
From: Sander A. <sa....@fz...> - 2021-12-01 10:08:13
|
Hi Krzysztof, in past we did not support/use SLO due most user did not want to logged out on all services if the logout from one. This opinion is changing especially on the user who are the managers. We did not change any attributes from the default unity config. Can you give us a hint which attributes must be configured to perform SLO? Of course we must configure the SLO endpoints of the accepted SPs. The SLO endpoints from the upstream IdPs should be fetched from the metadata file, if they are provided within. Is this assumption correct? Beside of this, do we only need to configure - unity.saml.requester.sloPath=/SLO-WEB - unity.saml.requester.sloRealm=defaultRealm I guess unityServer.core.logoutMode is only for clicking on the logout button on unity. But also here we recognized using the default value internalAndSyncPeers doesn't you logout from the IdP. But maybe this is also not working because we did not enable SLO. Best regards, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ----------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
