Identity provider has no single logout service available
64 views
Skip to first unread message
Noelette Stout
Dec 16, 2021, 11:20:54 AM12/16/21
to CAS Community
CAS version - 6.4.4.1
Java Version: 11.0.12
The initial error is:
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.DelegatedAuthenticationClientLogoutAction@290aa707 in state 'terminateSession' of flow 'logout' -- action execution attributes were 'map[[empty]]'
org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.DelegatedAuthenticationClientLogoutAction@290aa707 in state 'terminateSession' of flow 'logout' -- action execution attributes were 'map[[empty]]'
which eventually gets to:
Caused by: org.pac4j.saml.exceptions.SAMLException: Identity provider has no single logout service available for the selected profile urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
I checked the IdP metadata, and sure enough, all lines for SingleLogoutService have been commented out. Is there a setting I can use locally to override this? I tried setting cas.slo.disabled=true, but I'm still getting the same error. I've been looking through the documentation for a setting to address this, but I can't seem to find it. Any help would be appreciated.
Thanks,
Noelette
Ray Bon
Dec 16, 2021, 2:19:39 PM12/16/21
to cas-...@apereo.org
Noelette,
You can try setting the logoutType to none for the service, https://apereo.github.io/cas/6.4.x/services/Service-Management.html#registered-services
Ray
On Thu, 2021-12-16 at 08:20 -0800, Noelette Stout wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.
--
Ray Bon
Programmer Analyst
Development Services, University Systems
2507218831 | CLE 019 | rb...@uvic.ca
I acknowledge and respect the lək̓ʷəŋən peoples on whose traditional territory the university stands, and the Songhees, Esquimalt and WSÁNEĆ peoples whose historical relationships with the land continue to this day.
Noelette Stout
Dec 16, 2021, 5:12:12 PM12/16/21
to cas-...@apereo.org
I tried setting the logoutType to none for this service, but I'm still getting the same error. Strangely, it works just fine in CAS 6.3.x. It only started happening when I started testing the upgrade to 6.4.x.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to a topic in the Google Groups "CAS Community" group.
To unsubscribe from this topic, visit https://groups.google.com/a/apereo.org/d/topic/cas-user/1c0Vig-1zHg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4d668898f183dff5b8e7d4cc526dd6ff94b2b89a.camel%40uvic.ca.
Noelette Stout
ITS Enterprise Applications - Senior Application Administrator
Idaho State University
Noelette Stout
Jan 3, 2022, 1:15:21 PM1/3/22
to CAS Community, Noelette Stout
I stopped getting this error when I tested with 6.5.0-RC4, so I think we'll just move from 6.3 to 6.5.
Thanks,
Noelette
Reply all
Reply to author
Forward
0 new messages