Contrib.social

Session Index validation for Logout Request failed. Received: [null]

Open on Drupal.org →
Created on 26 July 2018, over 6 years ago
Updated 29 December 2023, 11 months ago

When logging out via the samlauth module, I correctly get logged out of drupal, but the request sent to WSO2 appears to be missing the sessionindex tag to log me out completely:
LOGOUT REQUEST:

<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                     ID="ONELOGIN_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                     Version="2.0"
                     IssueInstant="2018-07-27T08:31:22Z"
                     Destination="https://test.test/samlsso">
  <saml:Issuer>https://somedomain.com</saml:Issuer>
  <saml:NameID SPNameQualifier="https://somedomain.com"
               Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">test.test</saml:NameID>

</samlp:LogoutRequest>

LOGOUT RESPONSE:

<?xml version="1.0" encoding="UTF-8"?>
<saml2p:LogoutResponse Destination="https://test.test/samlsso"
                       ID="YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY"
                       InResponseTo="ONELOGIN_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                       IssueInstant="2018-07-27T08:31:22.109Z"
                       Version="2.0"
                       xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
  <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
                xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">test.test</saml2:Issuer>
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester" />
    <saml2p:StatusMessage>Session Index validation for Logout Request failed. Received: [null]. Expected: [xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx]</saml2p:StatusMessage>
  </saml2p:Status>
</saml2p:LogoutResponse>

Does anyone know what the issue could be or where I could fix this in the code?

💬 Support request
Status

Postponed: needs info

Version

2.0

Component

Code

Created by

nicolas-mosch

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment 11 months ago
    🇳🇱Netherlands roderik Amsterdam,NL / Budapest,HU

    The reporter of Logout Support For Blocked Or SAML Authenticated User Active mentioned this issue might be related. If it is, then that would imply that the user was not properly logged in. (Which this issue does not state.)

    The issue with "problem logging out after login problems" is properly documented/reproduced by #3365193 so will be fixed there.

    I might close this issue if no reproducible information comes in after a while.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024