Forum Discussion

Gihad_296649's avatar
Gihad_296649
Icon for Nimbostratus rankNimbostratus
Feb 03, 2017

SAML SLO

Hi

 

I am configuring F5 as a local SP bound to a Idp connector to an external SAML service and I am trying to figure out the logout and why it is not working.

 

I get that uri "saml/sp/profile/post/sls" as part of the exported metadata for the local sp and the redirections are working fine (doing a POST as well) but it doesn't seem like this url is there, i keep getting an error connecting to the backend.

 

Any ideas?

 

F5 11.6 Virtual instance (test environment) with APM. We have two instances, one is in the DMZ for routing and the other one that is internal has the APM module and all the configuration for SAML

 

5 Replies

  • Try to look at the debug log in apm. You will find the reason for the TCP Reset there. Enable Debug Level in APM Log settings before.

     

  • Feb 6 08:59:50 warning tmm[22068]: 014d0002:4: e1591246: SSOv2 Unsupported method used for SLO Request

     

    Feb 6 08:59:50 err tmm[22068]: 014d0002:3: e1591246: SSOv2 Error (12) in reading sp info from session db