policy.getIssuerMetadata() ? new MetadataCredentialCriteria(*policy.getIssuerMetadata()) : NULL
);
try {
- auto_ptr<XMLObject> decryptedID(encname->decrypt(*cr,application.getXMLString("entityID").second,mcc.get()));
+ auto_ptr<XMLObject> decryptedID(
+ encname->decrypt(
+ *cr,
+ application.getRelyingParty(policy.getIssuerMetadata() ? dynamic_cast<EntityDescriptor*>(policy.getIssuerMetadata()->getParent()) : NULL)->getXMLString("entityID").second,
+ mcc.get()
+ )
+ );
nameid = dynamic_cast<NameID*>(decryptedID.get());
if (nameid) {
ownedName = true;
}
checkError(logoutResponse, policy.getIssuerMetadata()); // throws if Status doesn't look good...
+ // If relay state is set, recover the original return URL.
+ if (!relayState.empty())
+ recoverRelayState(application, request, response, relayState);
+ if (!relayState.empty())
+ return make_pair(true, response.sendRedirect(relayState.c_str()));
+
// Return template for completion of global logout, or redirect to homeURL.
- return sendLogoutPage(application, response, false, "Global logout completed.");
+ return sendLogoutPage(application, request, response, false, "Global logout completed.");
}
FatalProfileException ex("Incoming message was not a samlp:LogoutRequest or samlp:LogoutResponse.");
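Review bot: The added `return make_pair(true, response.sendRedirect(relayState.c_str()));` redirects to whatever `recoverRelayState` leaves in `relayState`, with no visible check on where that URL points. `recoverRelayState` is not shown here, so this is inferred: if the value can arrive unchanged from the incoming LogoutResponse rather than from state the SP stored itself, the logout completion becomes an open redirect. Before the redirect, the recovered URL should be checked to be relative or on a host the application is configured to serve, and any other value should fall through to `sendLogoutPage`. The second `if (!relayState.empty())` also deserves a comment, something like `// recoverRelayState may leave relayState empty; fall through to the logout page in that case`, once that behaviour is confirmed. The enclosing handler starts outside this hunk, so an earlier validation step cannot be ruled out from here.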
}
Issuer* issuer = IssuerBuilder::buildIssuer();
logout->setIssuer(issuer);
- issuer->setName(application.getXMLString("entityID").second);
+ issuer->setName(application.getRelyingParty(dynamic_cast<EntityDescriptor*>(role->getParent()))->getXMLString("entityID").second);
fillStatus(*logout.get(), code, subcode, msg);
auto_ptr_char dest(logout->getDestination());