使用SAML在单个注销中终止会话 [英] Session termination in single logout using SAML

问题描述

让我们说我们有一个用户正在使用Single sign-on访问三种不同的服务. 单击注销后，可以识别和终止当前Sp的会话.

Let us say we have a user who is accessing three different services using Single sign-on. On clicking on Logout the session with current Sp can be identified and terminated.

在这里，IdP的职责是使用户从其他两项服​​务中注销. 我的问题是如何获取并终止与其余两项服务的会话?

Here on, it is the responsibility of IdP to log the user out from the other two services. My question is how the sessions with the remaining two services will be obtained and terminated?

推荐答案

Idp向其他两个SP发送LogoutRequest以及要注销用户的sessionIndex.然后，SP负责在其端终止会话.

The Idp send the other two SPs a LogoutRequest with the sessionIndex of the user to be logged out. The SPs are then responsible to terminate the session on their side.

这篇关于使用SAML在单个注销中终止会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！