Reputation: 4212
Sign out programatically from 3rd party systems opened in another tab
Our dashboard app which has links to various 3rd party systems uses forms based authentication. When authenticated user clicks the 3rd party system's link, I use User.Identity.Name to get the identity and form a POST request for further authentication to that particular system. Each system opens in a new tab when its link is clicked from our dashboard - dashboard app remains open in previous tab. Signing in is working as expected.
These systems have their own link to sign out. I have tried sending both GET and POST requests programmatically to the sign out url - from the dashboard tab, but that does not work. User signs out from dashboard app successfully, but can still continue to access the 3rd party systems links from the other tab.
How do I sign them out from a 3rd party system, given that I know its sign out url?
Upvotes: 0
Views: 120
Answers (1)
Reputation: 48250
You should just return a page that contains a list of iframes of which each points to a page that is supposed to sign out one of applications. Browser picks up the page, follows all iframes and one by one signs out all applications.
You should not be concerned by any issues, this idea is borrowed from the ws-federation specs and it is fully compatible and raises no issues. We use it for years.
Upvotes: 1
Related Questions
- ASP.NET Windows Authentication logout
- Programmatically logout an ASP.NET user
- Kill the windows authentication session using Asp.net
- log out a user logged in from different browsers/machines using forms authentication
- Remove session ASP.NET c# when the user close the tab
- Authentication clear when tab closed in a browser
- Logging out User from one System if logged in another System
- How to logout from Relying Party?
- Auto-Logout with multiple tabs open
- How do I logout of multiple asp.net applications?