single-log-out
1 Topic

APM SP with ADFS Single-Log-Out
Hi Folks,

I'd like to ask for a working sample configuration to perform a SAML based Single-Log-Out.

Scenario:

VS_1 -> APM Policy with SAML Pre-Auth via multiple ADFS Server(s) -> SharePoint with WS-Federation Auth using the same ADFS Server(s)
VS_2 -> APM Policy with 2FA/AD Auth and Kerberos-SSO -> ADFS Server for Department 1
VS_N -> APM Policy with 2FA/AD Auth and Kerberos-SSO -> ADFS Server for Department N

Problem:

If a user initiates a logout on the SharePoint Site, just the APM session for VS_1 gets currently closed. If the user reopens the SharePoint page, the APM SAML authentication will get a fresh authentication from the ADFS Server since the APM session for this service hasn't been closed by the user initiated logout.

Goal:

Before I start to code an iRule that pulls off the SLO manually, I'd like to explore the possibilities of the built-in SAML SP Single-Sign-Out capabilities. Unfortunately I can't find any useful information on how this may work out in conjunction with APM SAML Pre-Auth, SharePoint and Microsoft ADFS Server behind another 2FA/AD Auth APM Policy.

Cheers, Kai