Hello All,
I have never implemented SLO in Federation partnership and hence would like few guidance for IDP and SP initiated SLO. In this Scenario, we are acting as the IDP and want to invalidate the SMSESSION. Is there any other way to invalidate the SMSESSION on the browser?
I tried implementing SLO, i.e. configuring SLO Binding to HTTP-Redirect and then SLO Service Location URL as
https://IDP//affwebservices/public/saml2slo , SLO Confirm URL as https/SP/Logout.html and also SLO Service URL as
https://IDP//affwebservices/public/saml2slo .
When i create a SMSESSION on the browser and access the SLO URL
https://IDP//affwebservices/public/saml2slo in the same browser, then i get the below error in logs: -
[07:19:29][49564][48495472][1f814793-085bb6de-90869a60-51f8b924-d07c3e76-e7a][SLOService.java][doGet][Transaction with ID: 1f814793-085bb6de-90869a60-51f8b924-d07c3e76-e7a failed. Reason: SLO_GET_EXCEPTION]
{07:19:29][49564][48495472][1f814793-085bb6de-90869a60-51f8b924-d07c3e76-e7a][SLOService.java][doGet][Exception caught in class com.netegrity.affiliateminder.webservices.saml2.SLOService, method doGet: java.lang.NullPointerException
Can you please guide where i am wrong or any pointers to Documents which i can refer?
Thank You
Ankur