我正在使用 onelogin java-saml 对我的应用程序的用户进行身份验证。SSO 部分工作正常;但是,当我使用 onelogin 用户管理页面强制注销用户时,我看不到对我的服务提供商 SLS 端点提出的任何请求。我是否缺少打开 SLO 的配置?
这是我的 onelogin 配置:
onelogin.saml2.strict = false onelogin.saml2.debug = true
onelogin.saml2.sp.entityid = https://localhost/zk
onelogin.saml2.sp.assertion_consumer_service.url = https://localhost/zk/acs
onelogin.saml2.sp.assertion_consumer_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
onelogin.saml2.sp.single_logout_service.url = https://localhost/zk/slo
onelogin.saml2.sp.single_logout_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
onelogin.saml2.sp.nameidformat = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
onelogin.saml2.sp.x509cert = #cert 提供
onelogin.saml2.idp.entityid = 提供的#url
onelogin.saml2.idp.single_sign_on_service.url = #url 提供
onelogin.saml2.idp.single_sign_on_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
onelogin.saml2.idp.single_logout_service.url = #url 提供
onelogin.saml2.idp.single_logout_service.response.url = #url 提供
onelogin.saml2.idp.single_logout_service.binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
onelogin.saml2.idp.x509cert = #cert 提供
onelogin.saml2.security.nameid_encrypted = false
onelogin.saml2.security.authnrequest_signed = false
onelogin.saml2.security.logoutrequest_signed = false
onelogin.saml2.security.logoutresponse_signed = false
onelogin.saml2.security.want_messages_signed = false
onelogin.saml2.security.want_assertions_signed = false
onelogin.saml2.security.sign_metadata =
onelogin.saml2.security.want_assertions_encrypted = false
onelogin.saml2.security.want_nameid_encrypted = false
onelogin.saml2.security.requested_authncontext = urn:oasis:names:tc:SAML:2.0:ac:classes:Password
onelogin.saml2.security.onelogin.saml2.security.requested_authncontextcomparison = 精确
onelogin.saml2.security.want_xml_validation = false
onelogin.saml2.security.signature_algorithm = http://www.w3.org/2000/09/xmldsig#rsa-sha1
onelogin.saml2.organization.name = SP Java onelogin.saml2.organization.displayname = SP Java 示例 onelogin.saml2.organization.url = http://sp.example.com onelogin.saml2.organization.lang =
onelogin.saml2.contacts.technical.given_name = 技术人员 onelogin.saml2.contacts.technical.email_address = Technical@example.com onelogin.saml2.contacts.support.given_name = 支持人员 onelogin.saml2.contacts.support.email_address = 支持@@example.com