Hmm, oxShibboleth-52 is about back-channel (SOAP) logout, which is not yet supported in Shibboleth.
However, the issue I'm seeing is about front-channel (e.g. HTTP-Redirect) logout, which works in standalone Shibboleth since version 3.2.0
Gluu 3.1.6. is using Shibboleth as an extension - i.e. during login it forwards authentication work to oxAuth.
All login endopoints are doing this fine:
```
https://server.name/idp/profile/SAML2/Redirect/SSO
https://server.name/idp/profile/SAML2/POST/SSO
...etc...
```
However, it seems that logout endpoints are not yet notifying oxAuth to destroy the user session on Gluu server.
I believe all Shibboleth's logout endpoints, i.e.
```
https://server.name/idp/profile/Logout
https://server.name/idp/profile/SAML2/Redirect/SLO
https://server.name/idp/profile/SAML2/POST/SLO
...etc..
```
need to call oxAuth logout procedure as the first step - to destroy user session at Gluu server.
Otherwise SAML SPs are unable to execute SSO Logout properly.