In the event that a <saml2:LogoutRequest> is received, it should be possible to return a <saml2:LogoutResponse> even if there is no user in the session, so long at the relying party can be identified.
In the event that a <saml2:LogoutRequest> is received, it should be possible to return a <saml2:LogoutResponse> even if there is no user in the session, so long at the relying party can be identified.