

Session Index Update Causes SLO to Fail (123496)

Symptom:

A user authenticates at the IdP and is redirected back to the SP with an assertion. If the user clicks the browser back button upon returning to the SP, the session index is updated and stored in the SP session store.

When the user logs out, SiteMinder uses the session index from the original assertion, resulting in a session index mismatch. Single logout, if configured, fails.

Solution:

A new SAML 2.0 property named SAML_SP_REUSE_SESSION_INDEX has been added to the C and Perl CLIs. Enable this property so that single logout works with third-party partners that do not honor the session index passed in newer assertions.

STAR Issue: 19613507-1
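
To confirm this symptom from captured SAML messages, the following added example (not SiteMinder code) compares the `SessionIndex` in a `LogoutRequest` with the `SessionIndex` of each assertion issued for the session. The function names and the sample messages are constructed for illustration; only the SAML 2.0 element and attribute names are standard.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

def assertion_session_index(xml_text):
    """SessionIndex attribute of the assertion's AuthnStatement, or None."""
    stmt = ET.fromstring(xml_text).find(".//saml:AuthnStatement", NS)
    return stmt.get("SessionIndex") if stmt is not None else None

def logout_session_indexes(xml_text):
    """All <samlp:SessionIndex> values carried by a LogoutRequest."""
    root = ET.fromstring(xml_text)
    return [e.text.strip() for e in root.findall("samlp:SessionIndex", NS) if e.text]

def classify_logout(assertions, logout_request):
    """assertions: XML strings in the order they were issued for one user session."""
    issued = [assertion_session_index(a) for a in assertions]
    sent = logout_session_indexes(logout_request)
    if not sent:
        return "absent"
    if issued and issued[-1] in sent:
        return "latest"
    if any(i in sent for i in issued[:-1]):
        return "earlier"   # index from an older assertion: the mismatch in this note
    return "unknown"

# Constructed sample messages, trimmed to the elements the check reads.
def sample_assertion(index):
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}" ID="_a" Version="2.0">'
            f'<saml:AuthnStatement SessionIndex="{index}"/></saml:Assertion>')

def sample_logout(index):
    return (f'<samlp:LogoutRequest xmlns:samlp="{NS["samlp"]}" '
            f'xmlns:saml="{NS["saml"]}" ID="_l" Version="2.0">'
            f'<saml:NameID>user1</saml:NameID>'
            f'<samlp:SessionIndex>{index}</samlp:SessionIndex></samlp:LogoutRequest>')

if __name__ == "__main__":
    first, second = sample_assertion("idx-original"), sample_assertion("idx-updated")
    for idx in ("idx-original", "idx-updated", "idx-other"):
        print(idx, "->", classify_logout([first, second], sample_logout(idx)))
```

A result of `earlier` means the logout request carries the index from the original assertion while a newer assertion was issued afterwards, which is the condition described under Symptom.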