Forum Discussion
SAML SP single-logout-binding
Hello all,
using F5 APM 1.14.2.HF2 as IdP.
In the documentation it is stated for SLO only POST is supported (well, in some cases even for login, as the redirect signature is not correctly validated). So far good. The problem is, that some SP support only redirects for SLO and it is not possible to implement full SLO with such SP. We expect that redirect binding will be supported in some time in the future too (hopefully).
The question is - there are APM SSO configuration properties not available via GUI, e.g. saml-sp-connector single-logout-binding. I already thought that would solve our problem (even without signing the SLO messsage), but - we see no way to provide a value.
- tmsh modify apm sso saml-sp-connector single-logout-binding ...
What are allowed values? Would it even solve anything?
Thank you all in advance
Gabriel
- Manish_Oberoi_1Nimbostratus
I have a similar issue with 11.5.3 - I want to service HTTP-Redirect for a SP however nothing seems to be available in the GUI. The idP metadata only seems to support HTTP-POST.
Were you able to find anything or able to service your requirements in an alt method? iRule?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com