I am using an STS for controlling SSO. I have one STS site and two client site applications (site a, site b).
Both site a and site b have added the STS site as their STS reference. The single sign-on is working fine, I only have to log in once; however, the single sign-out is not working.
In both site a and site b, I have implemented the FederatedPassiveSignInStatus control below.
    <wif:FederatedPassiveSignInStatus ID="FederatedPassiveSignInStatus1" runat="server"
        SignOutAction="FederatedPassiveSignOut" OnSignedOut="OnSigOut_click" />

OnSigOut_click:

    public void OnSigOut_click(object sender, EventArgs e)
    {
        FederatedAuthentication.SessionAuthenticationModule.CookieHandler.Delete();
        FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie();
        FederatedAuthentication.SessionAuthenticationModule.SignOut();
        FederatedAuthentication.WSFederationAuthenticationModule.SignOut(false);
        FormsAuthentication.SignOut();
        Session.Abandon();
    }

If I sign out from site A first and then refresh site B, site A will redirect to the STS login page, but site B is still on the same page with the same login info.
Does anyone know how to do single sign-out/off?

Use WSFederationAuthenticationModule. Add the module below to web.config:
    <modules>
      <add name="WsFederationAuthenticationModule"
           type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    </modules>

Use the following approach. Take it as an example.
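    // FederatedSignOut is a static method, so it is called on the type, not on an instance.
    // Both arguments are Uri values: the STS sign-out endpoint, then the RP URL to return to.
    WSFederationAuthenticationModule.FederatedSignOut(STSSignOutAbsoluteURL, RPReturnURL);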
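
Added example, not part of the original question or answers: a small Python model of the WS-Federation passive sign-out exchange that FederatedSignOut starts, showing why site B keeps its session after a local-only sign-out on site A and loses it once the STS relays a `wsignoutcleanup1.0` request. It goes beyond the answer by modelling the STS side; the `ToySts` and `ToyRp` classes, the user name and all URLs are constructed for illustration.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

def signout_request(sts_url, reply_url):
    # What the relying party (RP) redirects the browser to for federated sign-out.
    return sts_url + "?" + urlencode({"wa": "wsignout1.0", "wreply": reply_url})

def action(url):
    # Extract the WS-Federation action (wa) and query parameters from a URL.
    q = parse_qs(urlsplit(url).query)
    return q.get("wa", [None])[0], q

class ToySts:
    # Constructed stand-in for an STS: remembers which RPs each user got tokens for.
    def __init__(self):
        self.issued = {}

    def record_sign_in(self, user, rp_url):
        self.issued.setdefault(user, set()).add(rp_url)

    def sign_out(self, user, request_url):
        wa, q = action(request_url)
        if wa != "wsignout1.0":
            raise ValueError("not a WS-Federation sign-out request")
        rps = sorted(self.issued.pop(user, set()))
        # One cleanup request per RP; an STS commonly emits these as <img> tags.
        cleanup = [rp + "?" + urlencode({"wa": "wsignoutcleanup1.0"}) for rp in rps]
        # Only return to a wreply under an RP this user signed in to (no open redirect).
        reply = q.get("wreply", [""])[0]
        return cleanup, reply if any(reply.startswith(rp) for rp in rps) else None

class ToyRp:
    # Constructed stand-in for a site: its session is independent of the STS session.
    def __init__(self, url):
        self.url, self.sessions = url, set()

    def handle(self, user, request_url):
        if action(request_url)[0] == "wsignoutcleanup1.0":
            self.sessions.discard(user)

def run_flow():
    sts = ToySts()
    a, b = ToyRp("https://site-a.example/"), ToyRp("https://site-b.example/")
    for rp in (a, b):
        rp.sessions.add("alice")
        sts.record_sign_in("alice", rp.url)
    a.sessions.discard("alice")                 # local-only sign-out on site A
    b_after_local = "alice" in b.sessions       # site B still has its session
    cleanup, reply = sts.sign_out("alice", signout_request("https://sts.example/", a.url))
    for rp, url in zip((a, b), cleanup):        # browser fetches each cleanup URL
        rp.handle("alice", url)
    return b_after_local, cleanup, reply, "alice" in b.sessions
```
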