Skip to Content
author's profile photo Former Member
Former Member

SAML 2.0 Single Log Out (SLO) issue with iOS & PhoneGap

I am using Phonegap and jQuery AJAX calls to perform logout like below

$.ajax({ url: logoutURL, type: "POST", data: {}, cache: false, 
success: function(data, textStatus, jqXHR){........}, 
error: function(jqXHR, textStatus, errorThrown){  
     alert("Logout Failed.");  
     $.mobile.hidePageLoadingMsg(); 
     enableAllButtons(); } });          

the logout URL is a SAML 2.0 Single Log Out (SLO) URL. I have tested this on Android it is working perfectly fine. But when I tried the SLO on ios specifically iPad ios 6.1.3 it will fail and it returns me with a http 0.

I just found out from the IDP log that for android it has a warning of "Client Certificate error, IP address" but it will then automatically attempt to create outgoing SSL connection without trusted certificates. on the other hand, on iOS it does not continue the connection after the signed assertion was issued.

How can I get this solved or is there a way for me to bypass the cert problem?

All advice are appreciated.

idp.jpg (80.9 kB)
Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

2 Answers

  • Best Answer
    author's profile photo Former Member
    Former Member
    Posted on May 28, 2013 at 12:23 PM

    I found out that it is a problem with iOS SDK limitation on AJAX calls to HTTPS with self signed cert.

    This linked provided me the answer: http://stackoverflow.com/questions/9276643/ajax-https-call-in-ios-using-phonegap-not-working

    All I've got to do is to write a piece of code in AppDelegate.m and the problem was solved.

    @implementation NSURLRequest(DataController)

    + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host

    {

    // ignore certificate errors only for this domain

    if ([host hasSuffix:@"development.com"])

    {

    return YES;

    }

    else

    {

    return NO;

    }

    }

    @end

    However, this is only advisable to be done on Development environment where the certs are not properly signed.

    Hope this helps some of you who are facing similar issues

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Apr 15, 2013 at 12:22 PM

    Hi Amanda,

    your thread will be moved to a more approriate forum. IdM is used for SAP Netweaver Identity management.

    Thanks,

    Chris

    (IdM Moderator)

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.