OIF 10g How To Close A SAML 2.0 SSO Session

(Doc ID 1436083.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version: 10.1.4.3.0 and later   [Release: 10g and later ]
Information in this document applies to any platform.

Goal


Your customer (Identity Provider) who is sending an assertion to your OIF environment for SSO. The first attempt works and then logs out of your web app and their app as well. Without closing the browser at the Identity Provider side, another ID logs in and attempts to do an SSO again but receives a 500 Internal Error. Your log files show the following:

ERROR - User from existing session (SCOUT7777) is different from user received in SSO Assertion (TONGY7777)

You understand that if a SAML logout is performed, this issue will not occur and if the Identity Provider closes their browser and opens a new one, that will work too. Is there any other way to close the current SAML session other then these two options? Or is there a configuration setting I need to set?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms