I have a web application and have added it as a relying party in ADFS. For my application I have used the Identity and Access Tool. My application is built on .NET 4.5 and the MVC 4 architecture. For login, I get redirected to the login page and it uses my ADFS Active Directory authentication. The issue I am facing is with sign-out. So far I have tried the following things:

1.

    <a href="<myADFSserver>/adfs/ls/?wa=wsignout1.0&wreply=https://localhost">Logout</a>

This redirects me to the logout screen, but on clicking the back button I am able to go back to my application. If I open my application in the next tab, it still opens without any credential prompt.

2.

    string absoluteUrl = HttpContext.Request.Url.AbsoluteUri;
    string replyUrl = absoluteUrl.Substring(0, absoluteUrl.LastIndexOf("/") + 1);
    WSFederationAuthenticationModule.FederatedSignOut(null, new Uri(replyUrl));

This gives me an error saying the sign-out URL can't be null. On entering the URL, the situation is the same as in point 1.

What am I missing in the above code, or what could be the possible solution?


Solution

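The following code got it working. Thanks for your support.

    public void LogOut()
    {
        var module = FederatedAuthentication.WSFederationAuthenticationModule;
        // End the local session in this application (false: the sign-out
        // was not requested by the identity provider).
        module.SignOut(false);
        // Build a wsignout1.0 request for the issuer (ADFS), passing the realm as the reply URL.
        var request = new SignOutRequestMessage(new Uri(module.Issuer), module.Realm);
        // Send the browser to ADFS so the session there is ended as well.
        Response.Redirect(request.WriteQueryString());
    }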

Other tips

You should be able to configure a logout URL for each of your Relying Parties. In my experience, ADFS then uses a (hidden) iframe for each service it started a session with and passes the RP application's logout page as the iframe's src.

This should make both #1 and #2 work.
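The sign-out sequence discussed in the answers above, written out as a full MVC controller with a fixed reply URL and a landing action that checks the local session is really gone. This is an added example, not part of the original posts; `AccountController`, `SignedOutUrl` and the `SignedOut` action are hypothetical names, and it assumes WIF (`System.IdentityModel.Services`) is configured in web.config as in the question.

```csharp
using System;
using System.IdentityModel.Services;
using System.Web;
using System.Web.Mvc;

// Added example: names and the landing URL are assumptions, not from the original posts.
public class AccountController : Controller
{
    // Hypothetical fixed landing page. Using a constant keeps wreply from being
    // derived from the incoming request URL, as attempt 2 in the question did.
    private const string SignedOutUrl = "https://localhost/Account/SignedOut";

    public ActionResult LogOut()
    {
        var wsfam = FederatedAuthentication.WSFederationAuthenticationModule;

        // Step 1: end the local session (the session cookie is named FedAuth
        // by default). Linking straight to /adfs/ls/?wa=wsignout1.0 skips this,
        // so the application keeps accepting the old cookie.
        wsfam.SignOut(false);

        // Step 2: ask the issuer to end its own session, then return the
        // browser to the fixed landing page via wreply.
        var signOut = new SignOutRequestMessage(new Uri(wsfam.Issuer), SignedOutUrl);
        return Redirect(signOut.WriteQueryString());
    }

    // Assumes authorization is enforced with MVC [Authorize] filters; with
    // web.config URL authorization this path must be opened to anonymous users.
    [AllowAnonymous]
    public ActionResult SignedOut()
    {
        // If the request is still authenticated here, the local session
        // cookie survived and the sign-out did not take effect.
        if (Request.IsAuthenticated)
        {
            return new HttpStatusCodeResult(500, "Local session is still active");
        }

        // Keep the confirmation page out of browser and proxy caches.
        Response.Cache.SetCacheability(HttpCacheability.NoCache);
        Response.Cache.SetNoStore();
        return Content("You have been signed out.");
    }
}
```

Opening the application in a new tab after `SignedOut` returns its confirmation should now lead back to the ADFS credential prompt.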

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow