single logout accross SAML and OpenID Connect protocols
There is a protocol bridge for SSO, but I noticed there is not always for SLO.
In particular, I have tested the following use cases. It implies 3 different actors :
- a LemonLDAP::NG as SAML IdP and OIC provider,
- a LemonLDAP::NG OIC RP
- a SAML SP
||logout from / actor||IdP||SAML SP||OIC RP|| |logout from IdP|{color:green}OK{color}|{color:green}OK{color}|{color:red}KO{color}| |logout from SAML SP|{color:green}OK{color}|{color:green}OK{color}|{color:red}KO{color}| |logout from OIC RP|{color:green}OK{color}|{color:red}KO{color}|{color:green}OK{color}|