
WSO2 SAML SSO / SLO for API Manager and Identity Server


Environment:
Windows Server 2008 R2
wso2is-5.3.0
wso2am-2.1.0

URLs/Ports:
- HostName:9443/carbon
- HostName:9443/publisher
- HostName:9443/store
- hostname:9444/carbon (Identity Server)

Problem:
I have configured SAML SSO for all the components listed above, using IS as the identity provider, as described here: https://docs.wso2.com/display/AM210/Configuring+Identity+Server+as+IDP+for+SSO

Single sign-on works perfectly. I hit any of the URLs above, I am redirected to IS, I authenticate, and I am logged in to all of the URLs without re-authenticating. The problem is with single logout. If I log out of the Store or the Publisher first, the session is shown as invalid and I am logged out of all components (i.e. if I refresh the browser I am prompted to authenticate again). But I see the following errors in the IS log.

TID: [-1] [] [2017-09-20 10:13:41,047]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 1 after waiting for 60000 milli seconds to https://hostname:9443/acs 
TID: [-1] [] [2017-09-20 10:13:41,062]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 1 after waiting for 60000 milli seconds to https://hostname:9444/acs 
TID: [-1] [] [2017-09-20 10:14:41,060]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 2 after waiting for 60000 milli seconds to https://hostname:9443/acs 
TID: [-1] [] [2017-09-20 10:14:41,076]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 2 after waiting for 60000 milli seconds to https://hostname:9444/acs 
TID: [-1] [] [2017-09-20 10:15:41,073]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 3 after waiting for 60000 milli seconds to https://hostname:9443/acs 
TID: [-1] [] [2017-09-20 10:15:41,089]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 3 after waiting for 60000 milli seconds to https://hostname:9444/acs 
TID: [-1] [] [2017-09-20 10:16:41,086]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 4 after waiting for 60000 milli seconds to https://hostname:9443/acs 
TID: [-1] [] [2017-09-20 10:16:41,118]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 4 after waiting for 60000 milli seconds to https://hostname:9444/acs 
TID: [-1] [] [2017-09-20 10:17:41,100]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 5 after waiting for 60000 milli seconds to https://hostname:9443/acs 
TID: [-1] [] [2017-09-20 10:17:41,100] ERROR {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Single logout failed after retrying 5 times with time interval 60000 in milli seconds. 
TID: [-1] [] [2017-09-20 10:17:41,146]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 5 after waiting for 60000 milli seconds to https://hostname:9444/acs 
TID: [-1] [] [2017-09-20 10:17:41,146] ERROR {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Single logout failed after retrying 5 times with time interval 60000 in milli seconds. 
TID: [-1] [] [2017-09-20 10:18:41,128]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 1 after waiting for 60000 milli seconds to https://hostname:9443/publisher/jagg/jaggery_acs.jag 
TID: [-1] [] [2017-09-20 10:19:41,188]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 2 after waiting for 60000 milli seconds to https://hostname:9443/publisher/jagg/jaggery_acs.jag 
TID: [-1] [] [2017-09-20 10:20:41,202]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 3 after waiting for 60000 milli seconds to https://hostname:9443/publisher/jagg/jaggery_acs.jag 
TID: [-1] [] [2017-09-20 10:21:41,215]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 4 after waiting for 60000 milli seconds to https://hostname:9443/publisher/jagg/jaggery_acs.jag 
TID: [-1] [] [2017-09-20 10:22:41,228]  INFO {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Sending single log out request again with retry count 5 after waiting for 60000 milli seconds to https://hostname:9443/publisher/jagg/jaggery_acs.jag 
TID: [-1] [] [2017-09-20 10:22:41,228] ERROR {org.wso2.carbon.identity.sso.saml.logout.LogoutRequestSender} -  Single logout failed after retrying 5 times with time interval 60000 in milli seconds.

When I turn on SSO logging, I see that before the retries above each service provider is removed from the shared session and the session is cleared from the cache. So why are the extra SLO requests sent to each provider?

TID: [-1234] [] [2017-09-21 08:48:32,655] DEBUG {org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager} -  Removed SLO supported service provider from session info data  with name IS_CONSOLE 
TID: [-1234] [] [2017-09-21 08:48:32,655] DEBUG {org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager} -  Removed SLO supported service provider from session info data  with name API_STORE 
TID: [-1234] [] [2017-09-21 08:48:32,655] DEBUG {org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager} -  Removed SLO supported service provider from session info data  with name carbonServer 
TID: [-1234] [] [2017-09-21 08:48:32,655] DEBUG {org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager} -  Removed SLO supported service provider from session info data  with name API_PUBLISHER 
TID: [-1234] [] [2017-09-21 08:48:32,655] DEBUG {org.wso2.carbon.identity.sso.saml.session.SSOSessionPersistenceManager} -  Clearing the session data from cache with session index 55a88216-1b09-425e-b616-2f881bc6a717 and issuer API_PUBLISHER 
TID: [-1234] [] [2017-09-21 08:48:32,686] DEBUG {org.wso2.carbon.identity.sso.saml.servlet.SAMLSSOProviderServlet} -  SSO tokenId Cookie is removed

1 Answer

  • 2

    It's called a "feature" of WSO2IS (and other products). At least that is how WSO2IS 5.2.0 works.

    WSO2IS logs you in with proper SAML SSO. Good job. To log out, WSO2IS invalidates the user session, sends an offline (back-channel) SLO request to every service provider, and waits for an HTTP 200 response.

    But - the service providers implemented by WSO2 (IS or AM) do not listen for logout requests based on the SAML session ID at all (with no front-end client session cookie). So as long as you are really logged out, that is all you need, and you may happily ignore the back-end logout attempts.

    You might try logging out with multiple SPs (on different hosts), where you may end up with invalid sessions.
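To make the mechanism in the answer concrete, here is an added example of what an SP-side back-channel SLO endpoint has to do for the IdP's retries to stop: accept the `samlp:LogoutRequest` the IdP POSTs, map its `SessionIndex` to the SP's own server-side sessions, invalidate them, and answer HTTP 200 with a `LogoutResponse`. This is illustrative Python, not WSO2's code; the IdP issuer URL, the SP issuer name, the session table and the request XML are all constructed for the example, and signature verification of the request (mandatory in a real deployment) is left out and marked as such.

```python
"""Illustrative SP-side back-channel SAML SLO handler (added example, not WSO2 code).

The IdP POSTs a <samlp:LogoutRequest> to the SP's SLO endpoint and expects HTTP 200.
The SP maps the request's SessionIndex to its own local sessions and invalidates
them server-side, so logout works without any browser cookie being present.
All names, URLs and sessions below are constructed for this example.
"""
import uuid
from datetime import datetime, timezone
from typing import Dict, Tuple
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"samlp": SAMLP, "saml": SAML}
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
STATUS_REQUESTER = "urn:oasis:names:tc:SAML:2.0:status:Requester"

# Assumed IdP entity id: only LogoutRequests from this issuer are honoured.
EXPECTED_IDP_ISSUER = "https://hostname:9444/samlsso"
SP_ISSUER = "API_PUBLISHER"  # the SP's own issuer name, as seen in the question's logs


def make_session_store() -> Dict[str, Tuple[str, str]]:
    """Constructed SP session table: local session id -> (IdP SessionIndex, subject)."""
    return {
        "sp-sess-1": ("55a88216-1b09-425e-b616-2f881bc6a717", "admin"),
        "sp-sess-2": ("55a88216-1b09-425e-b616-2f881bc6a717", "admin"),
        "sp-sess-3": ("0f0f0f0f-0000-4000-8000-000000000000", "bob"),
    }


# Constructed back-channel LogoutRequest as the IdP would POST it (unsigned here).
SAMPLE_LOGOUT_REQUEST = """<samlp:LogoutRequest
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_req-0001" Version="2.0" IssueInstant="2017-09-21T08:48:32Z"
    Destination="https://hostname:9443/acs">
  <saml:Issuer>https://hostname:9444/samlsso</saml:Issuer>
  <saml:NameID>admin</saml:NameID>
  <samlp:SessionIndex>55a88216-1b09-425e-b616-2f881bc6a717</samlp:SessionIndex>
</samlp:LogoutRequest>"""


def parse_logout_request(xml_text: str) -> dict:
    """Extract ID, Issuer, NameID and every SessionIndex from a LogoutRequest."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{SAMLP}}}LogoutRequest":
        raise ValueError("not a samlp:LogoutRequest")
    return {
        "id": root.get("ID"),
        "issuer": root.findtext("saml:Issuer", namespaces=NS),
        "name_id": root.findtext("saml:NameID", namespaces=NS),
        "session_indexes": [e.text for e in root.findall("samlp:SessionIndex", NS)],
    }


def build_logout_response(in_response_to: str, status: str) -> str:
    """Build the LogoutResponse the SP returns in the body of its HTTP 200."""
    ET.register_namespace("samlp", SAMLP)
    ET.register_namespace("saml", SAML)
    resp = ET.Element(f"{{{SAMLP}}}LogoutResponse", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "InResponseTo": in_response_to,
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
    })
    ET.SubElement(resp, f"{{{SAML}}}Issuer").text = SP_ISSUER
    status_el = ET.SubElement(resp, f"{{{SAMLP}}}Status")
    ET.SubElement(status_el, f"{{{SAMLP}}}StatusCode", {"Value": status})
    return ET.tostring(resp, encoding="unicode")


def handle_backchannel_logout(xml_text: str, store: Dict[str, Tuple[str, str]],
                              expected_issuer: str = EXPECTED_IDP_ISSUER):
    """Invalidate every local session bound to a SessionIndex named in the request.

    Returns (http_status, logout_response_xml, invalidated_session_ids).
    A production handler must verify the request signature before acting on it;
    that step is deliberately omitted from this illustration.
    """
    req = parse_logout_request(xml_text)
    if req["issuer"] != expected_issuer:
        # Unknown issuer: touch no session, report a Requester-side error.
        return 403, build_logout_response(req["id"], STATUS_REQUESTER), []
    targets = set(req["session_indexes"])
    invalidated = [sid for sid, (index, _subject) in store.items() if index in targets]
    for sid in invalidated:
        del store[sid]  # server-side invalidation; no browser cookie involved
    return 200, build_logout_response(req["id"], STATUS_SUCCESS), invalidated


if __name__ == "__main__":
    sessions = make_session_store()
    code, body, gone = handle_backchannel_logout(SAMPLE_LOGOUT_REQUEST, sessions)
    print(code, gone, sorted(sessions))
    print(body)
```

Running the block invalidates the two local sessions bound to the SessionIndex from the question's debug log and leaves the unrelated one alone; the `INFO ... retry count N` lines in the question are what the IdP logs when this 200 never arrives, and the final `ERROR` is it giving up after five attempts. Keying invalidation on `SessionIndex` rather than on a cookie is the point: the request arrives from the IdP, not from the user's browser, so there is no cookie to consult.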
