private void sendToFrameworkForLogout( HttpServletRequest request, HttpServletResponse response, SAMLSSOReqValidationResponseDTO signInRespDTO, String relayState, String sessionId, boolean invalid, boolean isPost) throws ServletException, IOException { SAMLSSOSessionDTO sessionDTO = new SAMLSSOSessionDTO(); sessionDTO.setHttpQueryString(request.getQueryString()); sessionDTO.setRelayState(relayState); sessionDTO.setSessionId(sessionId); sessionDTO.setLogoutReq(true); sessionDTO.setInvalidLogout(invalid); if (signInRespDTO != null) { sessionDTO.setDestination(signInRespDTO.getDestination()); sessionDTO.setRequestMessageString(signInRespDTO.getRequestMessageString()); sessionDTO.setIssuer(signInRespDTO.getIssuer()); sessionDTO.setRequestID(signInRespDTO.getId()); sessionDTO.setSubject(signInRespDTO.getSubject()); sessionDTO.setRelyingPartySessionId(signInRespDTO.getRpSessionId()); sessionDTO.setAssertionConsumerURL(signInRespDTO.getAssertionConsumerURL()); sessionDTO.setValidationRespDTO(signInRespDTO); } String sessionDataKey = UUIDGenerator.generateUUID(); addSessionDataToCache( sessionDataKey, sessionDTO, IdPManagementUtil.getIdleSessionTimeOut( CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); String commonAuthURL = CarbonUIUtil.getAdminConsoleURL(request); commonAuthURL = commonAuthURL.replace("samlsso/carbon/", "commonauth"); String selfPath = URLEncoder.encode("/samlsso", "UTF-8"); // Add all parameters to authentication context before sending to authentication // framework AuthenticationRequest authenticationRequest = new AuthenticationRequest(); authenticationRequest.addRequestQueryParam( FrameworkConstants.RequestParams.LOGOUT, new String[] {"true"}); authenticationRequest.setRequestQueryParams(request.getParameterMap()); authenticationRequest.setCommonAuthCallerPath(selfPath); authenticationRequest.setPost(isPost); if (signInRespDTO != null) { authenticationRequest.setRelyingParty(signInRespDTO.getIssuer()); } authenticationRequest.appendRequestQueryParams(request.getParameterMap()); // Add headers to AuthenticationRequestContext for (Enumeration e = request.getHeaderNames(); e.hasMoreElements(); ) { String headerName = e.nextElement().toString(); authenticationRequest.addHeader(headerName, request.getHeader(headerName)); } AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest); FrameworkUtils.addAuthenticationRequestToCache( sessionDataKey, authRequest, IdPManagementUtil.getIdleSessionTimeOut( CarbonContext.getThreadLocalCarbonContext().getTenantDomain())); String queryParams = "?" + SAMLSSOConstants.SESSION_DATA_KEY + "=" + sessionDataKey + "&" + "type" + "=" + "samlsso"; response.sendRedirect(commonAuthURL + queryParams); }