Question

I am using an STS for controlling SSO. I have one STS site and two client site applications (site A, site B).

Both site A and site B have added the STS site as their STS reference. Single sign-on is working fine: I can log in just once. However, single sign-out is not working.

In both site A and site B, I have implemented the FederatedPassiveSignInStatus control below.

<wif:FederatedPassiveSignInStatus ID="FederatedPassiveSignInStatus1" runat="server" 
    SignOutAction="FederatedPassiveSignOut" OnSignedOut="OnSigOut_click" />

OnSigOut_click:

public void OnSigOut_click(object sender, EventArgs e)
{

    FederatedAuthentication.SessionAuthenticationModule.CookieHandler.Delete();
    FederatedAuthentication.SessionAuthenticationModule.DeleteSessionTokenCookie();
    FederatedAuthentication.SessionAuthenticationModule.SignOut();
    FederatedAuthentication.WSFederationAuthenticationModule.SignOut(false);
    FormsAuthentication.SignOut();
    Session.Abandon();

}

If I sign out from site A first and then refresh site B, site A will redirect to the STS login page; site B is still on the same page with the same login info.

Does anyone know how to do single sign-out?


Solution

Use WSFederationAuthenticationModule. Add the module below to web.config:

<modules>
  <add name="WsFederationAuthenticationModule"
       type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</modules>

Use the following approach. Take it as an example.

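// FederatedSignOut is a static method, so it is called on the type, not on an instance.
// Both arguments are Uri values: the STS sign-out URL and the RP URL to return to.
WSFederationAuthenticationModule.FederatedSignOut(STSSignOutAbsoluteURL, RPReturnURL);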
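
The answer's call wrapped in a helper for a relying-party site, as an added example that is not code from the original answer. The class and method names are hypothetical, and it assumes the STS handles sign-out at the issuer URL configured for the module and that the return URL must stay on the site's own origin.

```csharp
using System;
using System.IdentityModel.Services;
using System.Web;

// Hypothetical helper (names are assumptions, not part of WIF or the original answer).
public static class FederatedSignOutHelper
{
    // Accept returnUrl only if it resolves to this site's own scheme, host and port.
    // Anything else (absolute URL to another host, "//host/..." forms) falls back to the root,
    // so the reply address sent to the STS cannot be used as an open redirect.
    public static Uri SafeReplyUrl(Uri siteRoot, string returnUrl)
    {
        Uri candidate;
        if (!string.IsNullOrEmpty(returnUrl)
            && Uri.TryCreate(siteRoot, returnUrl, out candidate)
            && candidate.Scheme == siteRoot.Scheme
            && string.Equals(candidate.Host, siteRoot.Host, StringComparison.OrdinalIgnoreCase)
            && candidate.Port == siteRoot.Port)
        {
            return candidate;
        }
        return siteRoot;
    }

    // Call from the sign-out button handler instead of only clearing local cookies.
    public static void SignOutViaSts(HttpContext context, string returnUrl)
    {
        WSFederationAuthenticationModule fam =
            FederatedAuthentication.WSFederationAuthenticationModule;
        if (fam == null)
        {
            // The module from the <modules> entry above is not registered.
            throw new InvalidOperationException(
                "WSFederationAuthenticationModule is not registered in web.config.");
        }

        // Assumption: the STS accepts sign-out requests at the configured issuer URL.
        Uri stsSignOutUrl = new Uri(fam.Issuer);
        Uri siteRoot = new Uri(context.Request.Url.GetLeftPart(UriPartial.Authority) + "/");
        Uri reply = SafeReplyUrl(siteRoot, returnUrl);

        // Static method: redirects the browser to the STS with a WS-Federation sign-out request.
        WSFederationAuthenticationModule.FederatedSignOut(stsSignOutUrl, reply);
    }
}
```

Clearing cookies locally, as in the question's handler, only ends the session on the site where the button was clicked; the redirect to the STS is what gives the STS the chance to end its own session.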
Licensed under: CC-BY-SA with attribution