I have the scenario that I have 2 sites site1.company.com and site2.company.com on AEM, both of them have protected pages (CUGs), and both of them are integrated with the same IDP using SAML Authentication Handler. SAML Authentication Handler is also set to handle logout.
When a user logs in to one of the sites then also will be automatically authenticated when accessing the protected page on the second one. When a user logs out from one site then also it should be logged out from IDP and from the second site.
The question is connected to the Single Logout mechanism. When the user logs out from one site, it triggers SAML Handler and the handler uses the logout URL of IDP to log out of the user also from IDP. This logout triggers IDP to send a SAML Logout Request to the second site to log out.
Questions:
To what URL on AEM I should send SAML Logout Request to handle this logout on second site on AEM, is it /system/sling/logout?resource=resource_used_to_log_in?
What type of Binding is supported on SAML Handler when sending SAML Logout Request?
Solved! Go to Solution.
Hi
AEM provide a mechanism to logout from AEM, please check
Hi @mtobiasz
Maybe you can use the another user group to protect your site and based on users access you can disallow the users from other sites.
you can configured custom logout urls to manage logout only for a site
Hi @arunpatidar
Unfortunately, it doesn't answer my question regarding SAML integration using the AEM SAML Authentication Handler.
If the SAML Authentication Handler is used for integration with IDP then I would also assume that should be able to handle SAML Logout Response triggered by IDP, especially since the SAML Authentication Handler is responsible for logging out the user and clearing the "login-token" cookie from a browser
I would like to know if AEM is providing such a mechanism or if it is something that I should handle myself.
Hi
AEM provide a mechanism to logout from AEM, please check
@mtobiasz Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies