logoutReturnPath can get receive symfony named route too.

README.md

@@ -32,7 +32,7 @@ niif_shib_auth: ~
     # baseURL:          "%shib_auth_base_url%" # optional, have default value:  /Shibboleth.sso/
     # sessionInitiator: "%shib_auth_session_initiator%" # optional, have default value: Login
     # logoutPath:       "%shib_auth_logout_path%" # optional, have default value: Logout
-    # logoutReturnPath:       "%shib_auth_logout_return_path%" # optional, have default value: "/"
+    # logoutReturnPath:       "%shib_auth_logout_return_path%" # optional, have default value: "/" you should use absolute url, or named symfony route too.
     # usernameAttribute: "%shib_auth_username_attribute%" # optional, have default value: REMOTE_USER
 ...
 ```
@@ -62,6 +62,19 @@ in `app/config/security.yml`
                 success_handler: niif_shib_auth.shib_authenticator
         ...
 ```
+You should create a simple the logout action in any controller:
+
+ ```php
+    /**
+     * @Route("/logout")
+     * @Template()
+     * @return \Symfony\Component\HttpFoundation\RedirectResponse
+     */
+    public function logoutAction()
+    {
+        return $this->redirect($this->generateUrl('logged_out'));
+    }
+```
 
 # Impersonate
 The authenticator support the impersonate feature.

Resources/config/services.yml

@@ -1,4 +1,4 @@
 services:
     niif_shib_auth.shib_authenticator:
       class: Niif\ShibAuthBundle\Security\ShibbolethAuthenticator
-      arguments: ["@logger", "%niif_shib_auth%", "@security.token_storage"]
+      arguments: ["@logger", "%niif_shib_auth%", "@security.token_storage", "@router"]

Security/ShibbolethAuthenticator.php

@@ -2,6 +2,8 @@
 
 namespace Niif\ShibAuthBundle\Security;
 
+use Symfony\Bundle\FrameworkBundle\Routing\Router;
+use Symfony\Component\Routing\Exception\RouteNotFoundException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\RedirectResponse;
@@ -12,20 +14,21 @@
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
-
 use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
 
 class ShibbolethAuthenticator extends AbstractGuardAuthenticator implements LogoutSuccessHandlerInterface
 {
     private $logger;
     private $config;
     private $tokenStorage;
+    private $router;
 
-    public function __construct($logger, $config, TokenStorage $tokenStorage)
+    public function __construct($logger, $config, TokenStorage $tokenStorage, Router $router)
     {
         $this->config = $config;
         $this->logger = $logger;
         $this->tokenStorage = $tokenStorage;
+        $this->router = $router;
     }
 
     /**
@@ -146,8 +149,12 @@ private function getLoginURL()
 
     private function getLogoutURL()
     {
-        $currentURL = urlencode($this->getProtocol().'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
-        return $this->config['baseURL'].$this->config['logoutPath'].'?return='.$this->config['logoutReturnPath'];
+        try {
+            $returnPath = $this->router->generate($this->config['logoutReturnPath'], array(), $this->router::ABSOLUTE_URL);
+        } catch (RouteNotFoundException $e) {
+            $returnPath = $this->config['logoutReturnPath'];
+        }
+        return $this->config['baseURL'].$this->config['logoutPath'].'?return='.$returnPath;
     }
 
     private function getProtocol()