Add SAML 2.0 Single Logout XML Support
Closes gh-10842
This commit is contained in:
Marcus Da Coregio
@@ -164,6 +164,7 @@ The default value is true.
|
||||
* <<nsa-remember-me,remember-me>>
|
||||
* <<nsa-request-cache,request-cache>>
|
||||
* <<nsa-saml2-login,saml2-login>>
|
||||
* <<nsa-saml2-logout,saml2-logout>>
|
||||
* <<nsa-session-management,session-management>>
|
||||
* <<nsa-x509,x509>>
|
||||
|
||||
@@ -1341,6 +1342,18 @@ The AssertionConsumerService Location. Equivalent to the value found in `<Ass
|
||||
the AssertionConsumerService Binding. Equivalent to the value found in `<AssertionConsumerService Binding="..."/>` in the relying party's `<SPSSODescriptor>`.
|
||||
The supported values are *POST* and *REDIRECT*.
|
||||
|
||||
[[nsa-relying-party-registration-single-logout-service-location]]
|
||||
* **single-logout-service-location**
|
||||
The SingleLogoutService Location. Equivalent to the value found in <SingleLogoutService Location="..."/> in the relying party's <SPSSODescriptor>.
|
||||
|
||||
[[nsa-relying-party-registration-single-logout-service-response-location]]
|
||||
* **single-logout-service-response-location**
|
||||
The SingleLogoutService ResponseLocation. Equivalent to the value found in <SingleLogoutService ResponseLocation="..."/> in the relying party's <SPSSODescriptor>.
|
||||
|
||||
[[nsa-relying-party-registration-single-logout-service-binding]]
|
||||
* **single-logout-service-binding**
|
||||
The SingleLogoutService Binding. Equivalent to the value found in <SingleLogoutService Binding="..."/> in the relying party's <SPSSODescriptor>.
|
||||
The supported values are *POST* and *REDIRECT*.
|
||||
|
||||
[[nsa-relying-party-registration-asserting-party-id]]
|
||||
* **asserting-party-id**
|
||||
@@ -1402,7 +1415,6 @@ The location to get the Relying Party's private key
|
||||
|
||||
|
||||
|
||||
|
||||
[[nsa-asserting-party]]
|
||||
== <asserting-party>
|
||||
The configuration information for a SAML 2.0 Asserting Party.
|
||||
@@ -1449,6 +1461,22 @@ The supported values are *POST* and *REDIRECT*.
|
||||
The list of `org.opensaml.saml.ext.saml2alg.SigningMethod` Algorithms for this asserting party, in preference order.
|
||||
|
||||
|
||||
[[nsa-asserting-party-single-logout-service-location]]
|
||||
* **single-logout-service-location**
|
||||
The SingleLogoutService Location. Equivalent to the value found in <SingleLogoutService Location="..."/> in the asserting party's <IDPSSODescriptor>.
|
||||
|
||||
|
||||
[[nsa-asserting-party-single-logout-service-response-location]]
|
||||
* **single-logout-service-response-location**
|
||||
The SingleLogoutService ResponseLocation. Equivalent to the value found in <SingleLogoutService ResponseLocation="..."/> in the asserting party's <IDPSSODescriptor>.
|
||||
|
||||
|
||||
[[nsa-asserting-party-single-logout-service-binding]]
|
||||
* **single-logout-service-binding**
|
||||
The SingleLogoutService Binding. Equivalent to the value found in <SingleLogoutService Binding="..."/> in the asserting party's <IDPSSODescriptor>.
|
||||
The supported values are *POST* and *REDIRECT*.
|
||||
|
||||
|
||||
[[nsa-asserting-party-children]]
|
||||
=== Child Elements of <asserting-party>
|
||||
|
||||
@@ -1750,6 +1778,66 @@ Reference to the `AuthenticationFailureHandler`.
|
||||
Reference to the `AuthenticationManager`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout]]
|
||||
== <saml2-logout>
|
||||
The xref:servlet/saml2/logout.adoc#servlet-saml2login-logout[SAML 2.0 Single Logout] feature configures support for RP- and AP-initiated SAML 2.0 Single Logout.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-parents]]
|
||||
=== Parent Elements of <saml2-logout>
|
||||
|
||||
* <<nsa-http,http>>
|
||||
|
||||
[[nsa-saml2-logout-attributes]]
|
||||
=== <saml2-logout> Attributes
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-url]]
|
||||
* **logout-url**
|
||||
The URL by which the relying or asserting party can trigger logout.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-request-url]]
|
||||
* **logout-request-url**
|
||||
The URL by which the asserting party can send a SAML 2.0 Logout Request.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-response-url]]
|
||||
* **logout-response-url**
|
||||
The URL by which the asserting party can send a SAML 2.0 Logout Response.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-relying-party-registration-repository-ref]]
|
||||
* **relying-party-registration-repository-ref**
|
||||
Reference to the `RelyingPartyRegistrationRepository`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-request-validator-ref]]
|
||||
* **logout-request-validator-ref**
|
||||
Reference to the `Saml2LogoutRequestValidator`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-request-resolver-ref]]
|
||||
* **logout-request-resolver-ref**
|
||||
Reference to the `Saml2LogoutRequestResolver`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-request-repository-ref]]
|
||||
* **logout-request-repository-ref**
|
||||
Reference to the `Saml2LogoutRequestRepository`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-response-validator-ref]]
|
||||
* **logout-response-validator-ref**
|
||||
Reference to the `Saml2LogoutResponseValidator`.
|
||||
|
||||
|
||||
[[nsa-saml2-logout-logout-response-resolver-ref]]
|
||||
* **logout-response-resolver-ref**
|
||||
Reference to the `Saml2LogoutResponseResolver`.
|
||||
|
||||
|
||||
|
||||
[[nsa-password-management]]
|
||||
== <password-management>
|
||||
This element configures password management.
|
||||
|
||||
Reference in New Issue
Block a user