[OPENAM-5917] IdP proxy in a subrealm is unable to send SLO response to the remote SP - ForgeRock JIRA

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 11.0.0, 11.0.1, 11.0.2, 12.0.0, 13.0.0
Fix Version/s: 11.0.4, 12.0.3, 13.0.0
Component/s: SAML
Labels:
- EDISON
- release-notes

Target Version/s:

11.0.4, 12.0.3, 13.0.0

Sprint:
Sprint 81 - Sustaining

Support Ticket IDs:

Description

Steps to reproduce:

Set up an IdP Proxy deployment, but make sure that at the idp proxy node everything is defined in a subrealm.
Perform a SAML login using SP initiated SSO for example
Try to perform an SP initiated SLO from the remote SP

It looks like the IDPProxyUtil always tries to retrieve the remote SP's metadata from the top level realm and hence the SLO procedure fails.

Attachments

Activity

People

Assignee:

Mark de Reeper

Reporter:

Abel Hoxeng

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

28/Apr/15 10:42 PM

Updated:

20/Nov/16 12:06 PM

Resolved:

14/May/15 5:20 AM

Time Tracking

Estimated:

6h

Remaining:

3h

Logged:

1h