Yes, that's a good idea. The relay state can be used by the SP to remember information between sending the SAML logout request and receiving the SAML logout response. You could use this to remember which URL to redirect to after receiving the SAML logout response. Please note that HTTPPostBinding.SendRequest and SingleLogoutService.SendLogoutRequestByHTTPPost are part of the SAML low-level API. This API doesn't make use of SAML configuration. The SAML configuration is used by the SAML high-level API. We recommend using the high-level API wherever possible as it's easier to use and requires less code. The SAML high-level API for sending a SAML logout request is SAMLServiceProvider.InitiateSLO. The SAML logout response is received using SAMLServiceProvider.ReceiveSLO. To use these APIs you must also use the high-level API for the SSO. You can't mix the low-level and high-level API as only the high-level SSO API remembers state information required to support SLO. The SAML high-level API, SAMLServiceProvider.InitiateSSO, has an overload that allows you to dynamically specify the assertion consumer service URL. As an SP, only the LocalServiceProviderConfiguration and PartnerIdentityProviderConfigurations apply. The LocalIdentityProviderConfiguration and PartnerServiceProviderConfigurations apply if your application is an IdP. The configuration may be specified in a saml.config file or programmatically. There are a couple of options for setting configuration programmatically as outlined in the Configuration Guide. https://www.componentspace.com/Forums/9350/Configuration-Guide
Regards ComponentSpace Development
|