Single Logout is not redirecting the user to the RelayState URL after logging out in OpenAM 11.0.0
The purpose of this article is to provide information if Single Logout (SLO) is failing to redirect the user to the RelayState URL after logging out in OpenAM 11.0.0.
1 reader recommends this article
Archived
This article has been archived and is no longer maintained by ForgeRock.
Symptoms
SLO fails to redirect the user to the RelayState URL after logging out and instead displays the default.jsp page (IdP or SP initiated single logout succeeded). This occurs in the following situations:
- IdP initiated SLO using SOAP binding
- All SP initiated SLO using the Fedlet.
Recent Changes
N/A
Causes
The RelayState URL is incorrectly validated and then ignored.
In some cases RelayState validation removes the metaAlias from the endpoint URL and RelayState cannot be validated, as it is not possible to determine the hosting entity.
Solution
This issue can be resolved by upgrading to OpenAM 11.0.1 or later; you can download this from BackStage.
See Also
Related Training
N/A