0

我正在使用 onelogin java-saml 对我的应用程序的用户进行身份验证。SSO 部分工作正常;但是,当我使用 onelogin 用户管理页面强制注销用户时,我看不到对我的服务提供商 SLS 端点提出的任何请求。我是否缺少打开 SLO 的配置?

这是我的 onelogin 配置:

onelogin.saml2.strict = false onelogin.saml2.debug = true

onelogin.saml2.sp.entityid = https://localhost/zk

onelogin.saml2.sp.assertion_consumer_service.url = https://localhost/zk/acs

onelogin.saml2.sp.assertion_consumer_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST

onelogin.saml2.sp.single_logout_service.url = https://localhost/zk/slo

onelogin.saml2.sp.single_logout_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

onelogin.saml2.sp.nameidformat = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

onelogin.saml2.sp.x509cert = #cert 提供

onelogin.saml2.idp.entityid = 提供的#url

onelogin.saml2.idp.single_sign_on_service.url = #url 提供

onelogin.saml2.idp.single_sign_on_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

onelogin.saml2.idp.single_logout_service.url = #url 提供

onelogin.saml2.idp.single_logout_service.response.url = #url 提供

onelogin.saml2.idp.single_logout_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

onelogin.saml2.idp.x509cert = #cert 提供

onelogin.saml2.security.nameid_encrypted = false

onelogin.saml2.security.authnrequest_signed = false

onelogin.saml2.security.logoutrequest_signed = false

onelogin.saml2.security.logoutresponse_signed = false

onelogin.saml2.security.want_messages_signed = false

onelogin.saml2.security.want_assertions_signed = false

onelogin.saml2.security.sign_metadata =

onelogin.saml2.security.want_assertions_encrypted = false

onelogin.saml2.security.want_nameid_encrypted = false

onelogin.saml2.security.requested_authncontext = urn:oasis:names:tc:SAML:2.0:ac:classes:Password

onelogin.saml2.security.onelogin.saml2.security.requested_authncontextcomparison = 精确

onelogin.saml2.security.want_xml_validation = false

onelogin.saml2.security.signature_algorithm = http://www.w3.org/2000/09/xmldsig#rsa-sha1

onelogin.saml2.organization.name = SP Java onelogin.saml2.organization.displayname = SP Java 示例 onelogin.saml2.organization.url = http://sp.example.com onelogin.saml2.organization.lang =

onelogin.saml2.contacts.technical.given_name = 技术人员 onelogin.saml2.contacts.technical.email_address = Technical@example.com onelogin.saml2.contacts.support.given_name = 支持人员 onelogin.saml2.contacts.support.email_address = 支持@@example.com

4

1 回答 1

0

回答我自己的问题,我忘记了我在 localhost 上运行测试服务提供商,所以 onelogin 无法将 SLO 响应发送到 SP

于 2019-06-21T16:43:17.137 回答