After some looking around I found the answer on stackoverflow. The problem was Session.Abandon() and FormsAuthentication.SignOut() were clearing the user cookies and session state but STS token were never cleaned up. Use this code to complete Sign out process:
WSFederationAuthenticationModule fam =
FederatedAuthentication.WSFederationAuthenticationModule;
string wrealm = string.Format("wtrealm={0}", fam.Realm);
string signOutUrl =
WSFederationAuthenticationModule.GetFederationPassiveSignOutUrl(
fam.Issuer, null, wrealm);
string wreply = Request.Url.AbsoluteUri;
WSFederationAuthenticationModule.FederatedSignOut(
new Uri(signOutUrl), new Uri(wreply));
You can paste this code in your logout handler and should clean up STS token. After logout STS will redirect browser to URL set by “wreply” and can be set to any URL. You don’t need to set this parameter, in case of null, STS will redirect to default application page set during STS configuration.
This routine send “wsignout1.0” command to STS to clean up token for the user. Here is the signout URL:
http://localhost:8888/?wa=wsignout1.0&wtrealm=http%3a%2f%2flocalhost%3a58077%2f&wreply=http%3a%2f%2flocalhost%3a58077%2fdefault.aspx
Hope this helps.
-Javed
No comments:
Post a Comment