WordPress AD FS logout problem

  • Hi guys,
    we have correctly configured the plugin to use the Active Directory Federation Service in the running way, so the user can login using his AD credential.
    The problem is that when the user make the logout on the website, the request of logoff is correctly processed by IdP (I think), but on the redirect on the website, the session on WP side is still open. At this point, if the user click again on the “logout”, is redirected on the AD FS page then on the website, and the user is still logged in.
    There aren’t error on any side, on the event viewer of the AD FS there isn’t any error.

    This is our configuration on the website:
    IdP Entity Id: https://adfs.addomain.com/adfs/services/trust
    Single Sign On Service Url *: https://adfs.addomain.com/adfs/ls/
    Single Log Out Service Url: https://adfs.addomain.com/adfs/ls/
    (note: using SAML 2, SSO and SLO url should be the same)
    To use the redirect feature of SAML 2, we enabled the sign of the Sign AuthnRequest, LogoutRequest and LogoutResponse (configuring the certificate and the private key).

    On the AD FS site, the SAML Replying Party Trusted logout endpoint this is the configuration:
    Binding: POST
    Thrusted URL: https://adfs.addomain.com/adfs/ls/?wa=wsignout1.0
    Redirect: https://website.com

    We have misconfigured something or this is the normal behaviour?
    Thx in advance
    M

  • The topic ‘WordPress AD FS logout problem’ is closed to new replies.