Hi there again,
I found another bug.
I added a group mapping between my identity provider and the service provider. It works fine, but when I remove the user from the group (on the identity provider) the group is only removed in MediaWiki if the SAML attribute is still exisiting (becuase there is another entry). If it was the only entry of the SAML attribute, the user is not removed from the group on MediaWiki side because the attribute is no more provided by the service provider.
Kind regards
Markus