From e284a96d8f570506f76321ab7a760688e07c5f37 Mon Sep 17 00:00:00 2001
From: Sajinie Kavindya
Date: Tue, 18 Oct 2022 19:46:48 +0530
Subject: [PATCH] Invalidate Session during a SAML2 based SSO logout Resolves wso2/product-ei#5542
---
 .../main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java b/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java
index 462ab953d95..978414e2ec1 100644
--- a/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java
+++ b/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUILoginUtil.java
@@ -338,6 +338,15 @@ protected static boolean handleLogout(CarbonUIAuthenticator authenticator,
 // This condition is evaluated when users are logged out in SAML2 based SSO
 if (request.getAttribute("logoutRequest") != null) {
 log.debug("Loging out from SSO session");
+
+ try {
+ invalidateSession(session);
+ } catch (Exception ignored) {
+ // Ignore exception when invalidating and invalidated session
+ if (log.isDebugEnabled()) {
+ log.debug("Error in invalidating frontend session ", ignored);
+ }
+ }
 response.sendRedirect(contextPath + "/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
 return false;
 }
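Review bot: The added `catch (Exception ignored)` around `invalidateSession(session)` swallows every failure and reports it only at debug level, so a logout that leaves the frontend session valid would go unnoticed in production while the user is still redirected to the SSO logout page. The comment says the intent is to tolerate an already-invalidated session, which for a servlet session would presumably surface as `IllegalStateException`; I would narrow the handler to `} catch (IllegalStateException e) {` and report any other failure with `log.warn("Failed to invalidate frontend session during SSO logout", e);`. `invalidateSession` and the rest of `handleLogout` lie outside the hunk, so whether the helper declares checked exceptions or tolerates a null `session` cannot be confirmed from here. The variable is also named `ignored` although it is passed to the logger, and the comment would read better as `// Session may already have been invalidated; nothing further to do`.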