Previous Topic: Add Functionality to the Federation DeploymentNext Topic: Enable Single Logout at the SP

Federation Security Services GuideDeploy Federation Using a Manual ConfigurationAdd Functionality to the Federation DeploymentProtect the Target Resource at the SPEnable Single Logout at the IdP

Enable Single Logout at the IdP

You can initiate single logout at the IdP. At the IdP, idp.demo, you enable single logout on a per-SP basis.

To configure single logout

  1. Log in to the FSS Administrative UI and access the SAML Service Provider Properties dialog for sp.demo.
  2. Select the SLO tab.
  3. Select the HTTP-Redirect.

    The remaining fields become active.

  4. Enter values for the following fields:
    SLO Location URL

    http://www.sp.demo:81/affwebservices/public/saml2slo

    Defines the SLO servlet at the SP.

    SLO Confirm URL

    http://www.idp.demo:80/idpsample/SLOConfirm.jsp.

  5. Accept defaults for the other fields.
  6. From the Policy Server Management Console, enable the session server.