Hello,
we have two SPs and a single metadata. The problem occurs at logout. If anyone has a little patience and can look at what I show below to try to understand where the problem is, thank you:
We have SP A and SP B
The entityID is https://spid.ordineingegneri.genova.it
SP B makes the logout request; this is what happens
SP B → IDP
<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_d5d33e126819c99c46e98b3d9b732f22" IssueInstant="2021-11-24T14:00:01Z" Version="2.0" Destination="SPID Validator">
<saml:Issuer NameQualifier="https://spid.ordineingegneri.genova.it" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://spid.ordineingegneri.genova.it</saml:Issuer>
<saml:NameID NameQualifier="SPID Validator" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">SPID Validator</saml:NameID>
<samlp:SessionIndex>_d80abd01-6472-4fe5-a4c6-40bf2d5fa05f</samlp:SessionIndex>
</samlp:LogoutRequest>
IDP → SP A
<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_d5d33e126819c99c46e98b3d9b732f22" IssueInstant="2021-11-24T14:00:01Z" Version="2.0" Destination="SPID Validator">
<saml:Issuer NameQualifier="https://spid.ordineingegneri.genova.it" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://spid.ordineingegneri.genova.it</saml:Issuer>
<saml:NameID NameQualifier="SPID Validator" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">SPID Validator</saml:NameID>
<samlp:SessionIndex>_d80abd01-6472-4fe5-a4c6-40bf2d5fa05f</samlp:SessionIndex>
</samlp:LogoutRequest>
SP A → IDP
<samlp:LogoutResponse
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_6ec700ea-bf8b-46ac-9e22-cb5a005282f9"
Version="2.0"
IssueInstant="2021-11-24T14:00:03Z"
Destination="https://spid.ordineingegneri.genova.it/ordineingegnerigenova/module.php/saml/sp/saml2-logout.php/service"
InResponseTo="_d5d33e126819c99c46e98b3d9b732f22">
<saml:Issuer
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
NameQualifier="SPID Validator">
SPID Validator</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
</samlp:LogoutResponse>
IDP → SP A
<samlp:LogoutResponse
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_6ec700ea-bf8b-46ac-9e22-cb5a005282f9"
Version="2.0"
IssueInstant="2021-11-24T14:00:03Z"
Destination="https://spid.ordineingegneri.genova.it/ordineingegnerigenova/module.php/saml/sp/saml2-logout.php/service"
InResponseTo="_d5d33e126819c99c46e98b3d9b732f22">
<saml:Issuer
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
NameQualifier="SPID Validator">
SPID Validator</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
</samlp:LogoutResponse>
In the end, the logout takes place on SP A
What could the problem be? Thanks to anyone who replies