APM SP with ADFS Single-Log-Out
Hi Folks,
I'd like to ask for a working sample configuration to perform a SAML-based Single-Log-Out.
Scenario:
VS_1
-> APM Policy with SAML Pre-Auth via multiple ADFS Server(s)
-> SharePoint with WS-Federation Auth using the same ADFS Server(s)
VS_2
-> APM Policy with 2FA/AD Auth and Kerberos-SSO
-> ADFS Server for Department 1
VS_N
-> APM Policy with 2FA/AD Auth and Kerberos-SSO
-> ADFS Server for Department N
Problem:
If a user initiates a logout on the SharePoint Site, just the APM session for VS_1 currently gets closed. If the user reopens the SharePoint page, the APM SAML authentication will get a fresh authentication from the ADFS Server since the APM session for this service hasn't been closed by the user-initiated logout.
Goal:
Before I start to code an iRule that pulls off the SLO manually, I'd like to explore the possibilities of the built-in SAML SP Single-Sign-Out capabilities. Unfortunately I can't find any useful information on how this may work out in conjunction with APM SAML Pre-Auth, SharePoint and Microsoft ADFS Server behind another 2FA/AD Auth APM Policy.
Cheers, Kai