Steps to reproduce:
- Set up an IdP Proxy deployment, but make sure that at the idp proxy node everything is defined in a subrealm.
- Perform a SAML login using SP initiated SSO for example
- Try to perform an SP initiated SLO from the remote SP
It looks like the IDPProxyUtil always tries to retrieve the remote SP's metadata from the top level realm and hence the SLO procedure fails.