You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm making an "out of the blue" logout request using python3-saml and samlp is raising an error at lib/logout.js:180 (line if (!session && !options.destination) { return next(new Error('Invalid Session Participant')); }). The request contains the Destination attribute, and the saml-idp service is setting the session participants, so why am I getting this error? I get that the request is coming out of nowhere (i.e. no session), but I am including the destination. If I change options.destination on line 180 to requestData.destination then it works. Maybe this is horrifying in terms of security, but I want to at least pose the question. How can I ensure the principal is logged out of the IdP, regardless of having a session or not? The error is raised as a 500 via saml-idp, so it's hard to do any reasonable validation.
The text was updated successfully, but these errors were encountered:
I'm making an "out of the blue" logout request using python3-saml and samlp is raising an error at
lib/logout.js:180(lineif (!session && !options.destination) { return next(new Error('Invalid Session Participant')); }). The request contains theDestinationattribute, and the saml-idp service is setting the session participants, so why am I getting this error? I get that the request is coming out of nowhere (i.e. no session), but I am including the destination. If I changeoptions.destinationon line 180 torequestData.destinationthen it works. Maybe this is horrifying in terms of security, but I want to at least pose the question. How can I ensure the principal is logged out of the IdP, regardless of having a session or not? The error is raised as a 500 via saml-idp, so it's hard to do any reasonable validation.The text was updated successfully, but these errors were encountered: