Messages created for SOAP requests are being signed twice.
Basics
Technical
Logistics
Basics
Technical
Logistics
Description
The SAML SLO request logic is signing the LogoutRequest inside the logout handler, but then signing it again inside the SOAP client. I think the client portion was added late to refactor the signing code out of the handlers and I forgot to pull the original code.
The SAML SLO request logic is signing the LogoutRequest inside the logout handler, but then signing it again inside the SOAP client. I think the client portion was added late to refactor the signing code out of the handlers and I forgot to pull the original code.