Missing NameQualifier and SPNameQualifier in LogoutRequest result in UnknownPrincipal
Description
Environment
Activity
Scott Cantor July 24, 2018 at 2:24 PM
Implemented, unit tested, documentation added.
Thomas Lenggenhager July 24, 2018 at 4:57 AM
Thank you, Scott, for fixing it.
In the meantime this issue was also reported for keycloak, no resolution there yet:
https://issues.jboss.org/browse/KEYCLOAK-7820
Finally, the interoperability of both products will be improved.
Scott Cantor July 23, 2018 at 8:32 PM
I've settled on a fix that adds qualifier defaulting in the comparison rules but does so automatically for persistent and transient, and adds a profile config option that allows additional formats to be defined as permitting that comparison logic, which allows custom formats to be handled.
This is strictly incorrect for any of the other standard Formats, but if people want to alter the system's conformance, they will be able to do that also.
Scott Cantor July 23, 2018 at 3:07 PM
Regardless of my original reasoning, the standard is very poorly worded in this area, but one of the things that's overlooked with this is that the defaulting of the qualifiers is in fact only specified behavior for persistent and transient. It would be incorrect on the face of it to default the qualifiers with any other Format that's defined by the standard. Of course, custom Formats are free to define the same rules, which further complicates this.
I think there would have to be some kind of Format-driven rule for what to do here.
Scott Cantor July 23, 2018 at 2:46 PM
I don't know yet, I have to review why I didn't fix it the last time it came up.
Keycloak generates LogoutRequests for persistent NameIDs without adding the NameQualifier and the SPNameQualifier. See this example:
According to the SAML standard, these values are optional if they can be derived from the context. The missing SPNameQualifier could be derived from the Issuer and the missing NameQualifier from the session cache in the IdP.
This was already reported two years ago in this shib-users thread
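The comparison rule discussed in the description and in Scott's July 23 comment, as an added example that is not Shibboleth IdP or Keycloak code: a LogoutRequest NameID is matched against the IdP session's NameID with qualifier defaulting applied only for the persistent and transient Formats, plus any Formats opted in through a hypothetical `extra_formats` argument standing in for the profile configuration option. The entity IDs and the LogoutRequest are constructed.

```python
# Added example (not Shibboleth IdP or Keycloak code): SAML NameID comparison with
# qualifier defaulting, restricted to the Formats for which the standard defines it.
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
FMT_PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
FMT_TRANSIENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
FMT_UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"

@dataclass(frozen=True)
class NameID:
    value: str
    fmt: str
    name_qualifier: Optional[str] = None      # the IdP that issued the identifier
    sp_name_qualifier: Optional[str] = None   # the SP the identifier was issued to

def parse_logout_request(xml_text: str):
    """Return (Issuer, NameID) from a LogoutRequest; missing qualifiers stay None."""
    root = ET.fromstring(xml_text)
    issuer = root.findtext(f"{{{SAML_NS}}}Issuer")
    nid = root.find(f"{{{SAML_NS}}}NameID")
    return issuer, NameID(nid.text, nid.get("Format", FMT_UNSPECIFIED),
                          nid.get("NameQualifier"), nid.get("SPNameQualifier"))

def default_qualifiers(nid: NameID, requester: str, idp: str, formats) -> NameID:
    """Fill absent qualifiers only for Formats in `formats`: NameQualifier
    defaults to the IdP, SPNameQualifier to the requester (the LogoutRequest Issuer)."""
    if nid.fmt not in formats:
        return nid  # no defaulting rule exists for this Format: compare as-is
    return NameID(nid.value, nid.fmt,
                  nid.name_qualifier or idp, nid.sp_name_qualifier or requester)

def name_ids_match(request_nid, session_nid, requester, idp, extra_formats=()):
    """Compare the LogoutRequest NameID with the IdP session's NameID. persistent and
    transient always get defaulting; `extra_formats` (hypothetical) opts custom Formats in."""
    formats = {FMT_PERSISTENT, FMT_TRANSIENT, *extra_formats}
    return (default_qualifiers(request_nid, requester, idp, formats)
            == default_qualifiers(session_nid, requester, idp, formats))

# Constructed LogoutRequest in the shape described in the issue: persistent NameID,
# no NameQualifier/SPNameQualifier, Issuer is the SP.
LOGOUT_REQUEST = """<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0"
  IssueInstant="2018-07-23T00:00:00Z">
  <saml:Issuer>https://sp.example.org/saml</saml:Issuer>
  <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">G-1Ztg==</saml:NameID>
</samlp:LogoutRequest>"""
```

With the constructed request, the persistent NameID matches a fully qualified session NameID once the qualifiers are defaulted, while a NameID of the unspecified Format only matches when that Format has been opted in.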