Local LogoutInitiator
Advanced Configuration
Note, this is an advanced configuration feature. Most deployments can rely on the <Logout> shorthand element.
Indicated by type="Local", this LogoutInitiator performs a local logout without attempting to involve the IdP, and removes the active session from the cache. Upon completion, the browser will be redirected to the location in the "return" query string parameter, if any, or the localLogout template will be displayed.
Please note that this “return” parameter feature is confined to the SP and does not apply to non-local logout protocols such as SAML or other proprietary approaches that involve an IdP. Thus, when multiple logout protocols are in place (e.g., SAML2 and Local), the parameter will often not be applied.
Attributes
The following attributes may be specified for all types of LogoutInitiator
Name | Type | Default | Description |
|---|---|---|---|
type | string | required | Plugin type name. |
Location | relative path |
| The location of the LogoutInitiator (when combined with the base handlerURL). |
relayState | string |
| Controls how information associated with the session request, primarily the original resource accessed, is preserved for the completion of the authentication process. Overrides the like-named attribute in the <Sessions> element. |
signing | one of | See Signing&Encryption. Controls outbound signing of XML messages and content subject to applicability to the protocol involved. | |
encryption | See Signing&Encryption. Controls outbound encryption of XML messages and content subject to applicability to the protocol involved. |