There's no method to validate LogoutRequest without specifying NameID #68

imvishalpatel · 2020-09-16T08:15:54Z

Processing a POST containing the SAML logout request method in SamlClient always expect NameID but in my case, I'm not getting NameID as an additional parameter from IDP in the parameters.

The method I'm using is: https://github.com/coveooss/saml-client/blob/7d334b40558aaa02d3931e0db21c8d39dde5f640/src/main/java/com/coveo/saml/SamlClient.java#L871

There should be an overloaded method that should validate the LogoutRequest but without NameID.

Like below.

/**
   * Processes a POST containing the SAML logout request.
   *
   * @param request the {@link HttpServletRequest}.
   * @return An {@link LogoutRequest} object containing information decoded from the SAML Logout
   *         Request.
   * @throws SamlException thrown is an unexpected error occurs.
   */
  public LogoutRequest processLogoutRequestPostFromIdentityProvider(HttpServletRequest request)
      throws SamlException {
    String encodedResponse = request.getParameter(HTTP_REQ_SAML_PARAM);
    return decodeSamlLogoutRequest(encodedResponse, request.getMethod());
  }

The text was updated successfully, but these errors were encountered:

imvishalpatel changed the title ~~There's no method to validate SamlLogoutRequest without specifying NameID~~ There's no method to validate LogoutRequest without specifying NameID Sep 16, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

There's no method to validate LogoutRequest without specifying NameID #68

There's no method to validate LogoutRequest without specifying NameID #68

imvishalpatel commented Sep 16, 2020

There's no method to validate LogoutRequest without specifying NameID #68

There's no method to validate LogoutRequest without specifying NameID #68

Comments

imvishalpatel commented Sep 16, 2020