ACS signout redirect not working

StackOverflow https://stackoverflow.com/questions/18412767

  •  26-06-2022
  •  | 
  •  

Question

Working on ACS SSO, and the signout process works perfectly fine. The problem is users remain on the same page that calls the logout action, no matter what I have it set to redirect to

public ActionResult Logout()
{
    //Load identity configuration
    FederationConfiguration config = FederatedAuthentication.FederationConfiguration;

    //Get wtrealm from WSFederationConfiguration Section
    string wtrealm = config.WsFederationConfiguration.Realm;
    string wreply = wtrealm;

    //Read ACS Ws-Federation endpoint from web.config
    string wsFederationEndpoint = ConfigurationManager.AppSettings["ida:Issuer"];

    SignOutRequestMessage signoutRequestMessage = new SignOutRequestMessage(new Uri(wsFederationEndpoint));
    signoutRequestMessage.Parameters.Add("wreply", wreply);
    signoutRequestMessage.Parameters.Add("wtrealm", wtrealm);
    string signoutUrl = signoutRequestMessage.WriteQueryString();

    FederatedAuthentication.WSFederationAuthenticationModule.SignOut();
    return this.Redirect(signoutUrl);           
}

To execute this action, a page has a click handler

$('#logout').click(function () {
    $.post('@Url.Action("Logout", "Home", new { area = "" })');
});

A click is correctly handled, the Logout action is called and executed, but the site remains on the calling page. The network log shows the call to logout, but no evidence that the Redirect is even being attempted. In an effort to debug, I have commented out the Redirect to signoutURL and tried a RedirectToAction, a RedirectToRoute, and a javascript call to set window.location, none of which seem to fare any better at transferring the user to a different page. What am I missing?

Was it helpful?

Solution

What I ended up doing was moving the Logout logic into a Model class

public class LogoutHandler
{
    public string Signout()
    {
        // Load Identity Configuration
        FederationConfiguration config = FederatedAuthentication.FederationConfiguration;

        // Get wtrealm from WsFederationConfiguation Section
        string wtrealm = config.WsFederationConfiguration.Realm;
        string wreply;
        wreply = wtrealm;

        // Read the ACS Ws-Federation endpoint from web.Config
        string wsFederationEndpoint = ConfigurationManager.AppSettings["ida:Issuer"];

        SignOutRequestMessage signoutRequestMessage = new SignOutRequestMessage(new Uri(wsFederationEndpoint));

        signoutRequestMessage.Parameters.Add("wreply", wreply);
        signoutRequestMessage.Parameters.Add("wtrealm", wtrealm);

        FederatedAuthentication.SessionAuthenticationModule.SignOut();

        return signoutRequestMessage.WriteQueryString();            
    }
}

And having my logout action call that class to return the URL, and then Redirect to it. All worked well then, though I don't know if there is anything to take into account with mobile

    public ActionResult Logout()
    {
        string signoutUrl = new LogoutHandler().Signout();
        return Redirect(signoutUrl);
    }
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top