Versions Compared

Old Version 15

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version Current

changes.mady.by.user David Walker (internet2.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

On April 9, 2013, support for SAML2 Single Logout (SLO) endpoints in IdP metadata was introduced into the Federation Manager (FM). Support for SAML2 SLO endpoints in SP metadata was added to the FM on April 30. See the FM Change Log for Federation Manager Release Notes for screen shots.

IdP deployments that support SLO should introduce SLO endpoints into IdP metadata with care. Here's why:

...

Code Block
titleSLO Endpoints in Metadata

<!-- SAML V2.0 -->
<md:SingleLogoutService
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    Location="https://idp.example.org/idp/profile/SAML2/Redirect/SLO"/>
<md:SingleLogoutService
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Location="https://idp.example.org/idp/profile/SAML2/POST/SLO"/>
<md:SingleLogoutService
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
    Location="https://idp.example.org/idp/profile/SAML2/SOAP/SLO"/>

...