Add client install option to disable logout over SOAP

[cascardo/ipsilon.git] / ipsilon / install / ipsilon-client-install

diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install
index d8a310c..452c7e0 100755 (executable)
--- a/ipsilon/install/ipsilon-client-install
+++ b/ipsilon/install/ipsilon-client-install
@@ -97,7 +97,8 @@ def saml2():
     m.set_entity_id(url_sp)
     m.add_certs(c)
     m.add_service(SAML2_SERVICE_MAP['logout-redirect'], url_logout)
-    m.add_service(SAML2_SERVICE_MAP['slo-soap'], url_logout)
+    if not args['no_saml_soap_logout']:
+        m.add_service(SAML2_SERVICE_MAP['slo-soap'], url_logout)
     m.add_service(SAML2_SERVICE_MAP['response-post'], url_post, index="0")
     m.add_allowed_name_format(SAML2_NAMEID_MAP[args['saml_nameid']])
     sp_metafile = os.path.join(path, 'metadata.xml')
@@ -335,6 +336,9 @@ def parse_args():
                         help="Single Logout URL")
     parser.add_argument('--saml-sp-post', default=None,
                         help="Post response URL")
+    parser.add_argument('--no-saml-soap-logout', action='store_true',
+                        default=False,
+                        help="Disable Single Logout over SOAP")
     parser.add_argument('--saml-secure-setup', action='store_true',
                         default=True, help="Turn on all security checks")
     parser.add_argument('--saml-nameid', default='unspecified',