I am using SAML-based SSO for my application, where the IDP role is played by OpenAM. I have tested SP-based SSO, SLO and IDP-based SSO, and all are working fine, but IDP-based SLO is not working. When a user logs out of the IDP, I get a notification in my SP, but this request does not contain any user information or browser cookies, so I am wondering about two things:
- Are these notifications happening over the back channel?
- If not, how can I fetch my SP-side session and invalidate it when such a notification comes?
Also, is there some sample implementation available in Java?