Hi Kai,
I am working on a configuration with:
- ADFS 3.0
- F5 APM as SAML SP with Kerberos SSO
When I imported ADFS metadata:
With this configuration, SLO does not work.
I made it work by setting the SLO request and response URLs to (made by iRule):
https://idp.company.com/adfs/ls/?wa=wsignout1.0&wreply=https%3a%2f%2fsp.company.com%2f
With this configuration, the requests are:
After that, the session is removed from Access session and the next request to the SP requires authentication against ADFS (the ADFS session was also closed).
But when the user accesses more than 1 application with ADFS Auth, SLO seems to be disabled in ADFS. ADFS displays the "You have successfully signed out." message, but the session is still active in both ADFS and APM.