Apologies for commenting on a really old post. In our system, as the SAML identity provider to other applications, we are secured by an upstream OIDC provider. When we get an OIDC endsession request I need to dispatch ALL of the SLO requests immediately and simultaneously, I cannot wait for each to round trip as we are under a strict time constraint. Is it possible to, in the InitiateSLOAsync method, to output each SLO request in a seperate IFrame, in the same way the OIDC front channel logout works? In addition, how do I clear the saml state for any partner who doesn't participate in SLO, InitiateSLOAsync throws a SamlProtocolException if there are only service partners without SLO configured. The SamlState object is not public so I cannot retrieve it from the ISsoSessionState instance. ( LoadAsync<T> and/or RemoveAsync<T> )
|