Forums, Documentation & Knowledge Base - ComponentSpace

SLO throws an error: "A logout response was unexpectedly received." after upgrade from version 2.8.2.0 to 3.3.0.0


https://componentspace.com/forums/Topic9922.aspx

By Milan - 4/14/2019

Hi,
I did upgrade from SAML version 2.8.2.0 to 3.3.0.0 and SLO stopped working for me. 
Locally I have 2 sites one acting as IdP (siteA) and other as SP (siteB). 
I can perform SSO successfully from IdP to SP and vice versa. However, on SLO either from IdP or SP initiated an exception is thrown "A logout response was unexpectedly received."

Here is the flow
  1. Login to IdP
  2. SSO to SP
  3. Successfully logged in to SP
  4. IdP logout user, then send logout request to SP (SAMLIdentityProvider.InitiateSLO)
  5. SP receive SLO, logout user, send SLO response back to IdP (SAMLServiceProvider.SendSLO)
  6. IdP receive SLO response from SP and call to SAMLIdentityProvider.ReceiveSLO and throws an error. (Similarly, when SP initiate SLO, exception is thrown on SAMLServiceProvider.ReceiveSLO, after successfully logged out from SP and IdP)

Single Logout Service URL(s), where the SLO request and response are sent:
IdP: http://siteA.localhost/Saml/IdentityProvider/Logout
SP: http://siteB.localhost/Saml/ServiceProvider/Logout

The configuration for SAML is specified programmatically. Sessions are managed via DB.
I have tried your example projects for 3.3.0.0 and SLO works fine for me there. 

Do you have any suggestions on what might cause the issue?
Thanks!
By ComponentSpace - 4/17/2019

Thanks Milan for the update and sharing.