IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.

Persistent cookies via the 'Remember Me' option and IE. #797

Closed sidhu688 closed 9 years ago

sidhu688 commented 10 years ago

Just opening a new question with details from a similar previously opened question.

Previous Question: We host a multi-instance web application on Azure, and we use the Azure ACS along with the Thinktecture V2 STS. We ran into this issue and I thought logging this may help someone with a similar issue later.

A perfect storm with the combination of IE, Azure ACS using IFrames during sign-in, a persistent session cookie and the STS's redirect (302) during login meant that the 'idsrvauth' cookie was being accepted by IE during sign-in but not presented during sign-out. This caused the sign-out to fail, sending the browser back to the STS sign-in page and then subsequently back to the website.

In short, the user was unable to sign out if they had previously selected 'Remember Me'.

This was resolved by telling IE to present the cookie by adding the custom header "" into the STS web config.

It seems that IE was interpreting the persistent version of the cookie as a 3rd party tracking cookie and not allowing it.

This already has an answer, but I am not sure what exactly it means. Can someone please help me out? I have been stuck on it for 2 days now.

Thanks

brockallen commented 9 years ago

Ok, thanks for the description. And you're right -- the logout mechanism for ws-fed with iframes doesn't work if the user's browser doesn't send the cookie because they think it's a 3rd party cookie and that's disabled.