search

IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.
Other
409 stars 291 forks source link

Question on federated Logout #99

Closed mdemarco1234 closed 11 years ago

mdemarco1234 commented 11 years ago

Hi Dominick,

What cookies do I need to clear out on a signout. Currently I have this code below working fine but the relying party is still showing the principal as authenticated. Do I have to clear out the FedAuth cookie on client?

    public ActionResult SignOut()
    {
        WSFederationAuthenticationModule.FederatedSignOut(new Uri("https://10.100.0.60/STS/issue/wsfed/"), new Uri("https://10.100.0.60/RelyingParty/"));

        return View("Signout");
    }
mdemarco1234 commented 11 years ago

I also tried to remove all cookies on the client and still i am able to access functionality on the client

leastprivilege commented 11 years ago

The fedauth cookie(s) need to be cleared. You can use the signout method on SAM or FAM (iirc).

mdemarco1234 commented 11 years ago

Dominick,

Thanks a bunch. If you ever need help developing new features for the product I can help you out.

Michael