What's stored in the SessionID is a combination of the SAML session cookie value and the type of the SAML session object. This supports those applications that act as both an IdP and an SP in which case there would be two rows. The SessionID for both rows would start with the same SAML session cookie value but would have different suffixes indicating the two SAML session object types for IdP vs SP session data.
The sessonID parameter to the Delete method is the SAML session cookie value only. In most cases there will be only one entry but we use the WHERE/LIKE clause to ensure, if there are two entries (IdP and SP session data), that both are deleted.
Regards ComponentSpace Development
|