This repository has been archived by the owner on Sep 18, 2021. It is now read-only.

single sign-out multiple applications #856

Closed
rathcale opened this issue Jan 31, 2015 · 1 comment

@rathcale

Hi,

I'm using identity server v2 and I have an environment where I use the token stored in the FedAuth cookie between app servers using the same machine key for encryption/decryption of the cookie. My issue is that when I sign off from one application, I need to sign out of all apps and invalidate all of the application sessions.

What I have tried to do, during initial session bring-up in each subsequent app, is call the following URL: https://myidentityserver.mydomain.com/Idsrv/issue/wsfed?wa=wsignin1.0&wtrealm=http%3a%2f%2fmyrealm.com%2f&wctx=https%3a%2f%2fmyapp2.mydomain.com%2f&wreply=https%3a%2f%2fmyapp2.mydomain.com%2f

My hope by calling this was that the identityserver would append the wctx URL in the wsfedsignout cookie. However, this does not happen. The WSFederationController.ProcessWSFederationSignIn method calls FederatedPassiveSecurityTokenServiceOperations.ProcessSignInRequest which returns a response that has the BaseUri value of the Relying Party Redirect URL, which is part of the identity server configuration.

So, is there any way around this? It appears as if there should be support for single sign-out amongst multiple applications in identityserver v2 by looking at the code.

Thanks for your help in advance.

Cale

@leastprivilege
Member

wrong repo - this is identityserver3
