We are working on a project. There are many service providers, and OpenAM is working as the IDP server. We are using OpenDJ as the datastore in OpenAM. Now we have the following requirement.
A user is logged in with SAML SSO on all service providers. If I change the user's status to “inactive” in OpenDJ, in that case the systems do not log out. In this case I want OpenAM to initiate a single logout request to all service providers.
I am not aware of any way to configure OpenAM to initiate a single logout to all SPs based on an attribute changing in OpenDJ, as this does not have any effect on the user’s session itself. It would seem better for the application that is performing the actual attribute change to terminate the user’s session and initiate the SLO process.