Identity server single sign out, logout from server too

Question

Here is my logout code that I use in relying party:

    FederationConfiguration cfg = FederatedAuthentication.FederationConfiguration;
    var fam = FederatedAuthentication.WSFederationAuthenticationModule;
    fam.SignOut(false);
    var signOutRequestMessage = new SignOutRequestMessage(new Uri(fam.Issuer), fam.Realm);
    return new RedirectResult(signOutRequestMessage.WriteQueryString());

And get logout from RP and redirected to Identity server "Signed out" page, but I still remain logged in at Identity server, is this expected behaviour? How can I change this so I get logged out from Identity server also?

score 1 · Answer 1 · answered Aug 25 '13 at 17:45

1

It depends how the IdentityServer is doing authentication. If it's cookie based, then you should be logged out but if it's using something like integrated windows auth, then you're going to get automatically logged back in.

answered Aug 25 '13 at 17:45

Brock Allen

7,385
19
24

It is cookie based, but I messed with code alot. I set up wsfed and HRD on same view, and I am also authenticating users from HRD as wsfed based (since I register them with Simple membership). Anyway I got it working. – formatc Aug 25 '13 at 17:51

score 0 · Accepted Answer · answered Aug 25 '13 at 17:53

0

I've modified HRDController:

 private ActionResult ShowSignOutPage(string returnUrl)
 {
   ....
   FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie(); //added this
   return View("Signout", realms);
 }

answered Aug 25 '13 at 17:53

formatc

4,261
7
43
81

Identity server single sign out, logout from server too

2 Answers2

Linked