My Oracle Support Banner

OIF 10g Logout Fails With HTTP-405 Method Not Allowed (Doc ID 1263984.1)

Last updated on MARCH 08, 2017

Applies to:

COREid Federation - Version: 10.1.4.2.0 and later   [Release: 10g and later ]
Information in this document applies to any platform.

Symptoms

Oracle Identity Federation (OIF) 10g SAML 2.0 logout is being requested with a returnurl parameter:

Example logout URL:

https://oif.oracle.com:4443/fed/user/logout?returnurl=https://app.oracle.com/apps/logout.htm


With returnurl parameter provided to the /fed/user/logout call in a session authenticated using SAML 2.0 protocol, OIF should perform logout for the user then the returnurl page should be displayed.


Instead, error HTTP-405 Method Not Allowed is occurring.


The HTTP Header trace for the failing logout request shows that a SAMLRequest is being POSTed to a non-OIF URL.


Steps to reproduce

1. Access the Service Provider (SP) application via SP or Identity Provider (IdP) initiated Single Sign On (SSO) using SAML 2.0 protocol.

2. Issue the OIF logout request in the same session e.g. https://oif.oracle.com:4443/fed/user/logout?returnurl=https://app.oracle.com/apps/logout.htm

3. HTTP-405 Method Not Allowed error occurs.



Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
  Symptoms
  Cause
  Solution

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.