OIF 10g Logout Fails With HTTP-405 Method Not Allowed
Last updated on MARCH 08, 2017
Applies to:COREid Federation - Version: 10.1.4.2.0
Information in this document applies to any platform.
Example logout URL:
With returnurl parameter provided to the /fed/user/logout call in a session authenticated using SAML 2.0 protocol, OIF should perform logout for the user then the returnurl page should be displayed.
Instead, error HTTP-405 Method Not Allowed is occurring.
The HTTP Header trace for the failing logout request shows that a SAMLRequest is being POSTed to a non-OIF URL.
Steps to reproduce
1. Access the Service Provider (SP) application via SP or Identity Provider (IdP) initiated Single Sign On (SSO) using SAML 2.0 protocol.
2. Issue the OIF logout request in the same session e.g. https://oif.oracle.com:4443/fed/user/logout?returnurl=https://app.oracle.com/apps/logout.htm
3. HTTP-405 Method Not Allowed error occurs.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms