Reputation: 747
ADFS cookies not getting clear after successful logout
we are using ADFS for SSO ,
when we successful logging out from our app using this URL
https://XXXXX/adfs/ls/?wa=wsignout1.0
we deleting all application level cookies , but once user clicking on back buttion in browser its user able to login in application again .
we can see there some ADFS related cookies which we cant delete from app. any suggestion to solve this issue .
Upvotes: 2
Views: 6350
Answers (2)
Reputation: 373
You are using the wrong endpoint for the logout. The endpoint for SAML logout is: https://XXXXX/adfs/ls/{your_saml_logout_request}. The endpoint with "?wa=wsignout1.0" is for ws-federation logout and doesn't actually clears the cookie for the SAML login session. To get the SAML logout working do check your hashing algorithm matches for the SP and the ADFS. Also, your logout request should be signed.
Upvotes: 1
Reputation: 2414
I faced a similar issue. Now I am clearing my Azure AD auth cookies like this. Maybe its not the best solution, but it works
while (Request.Cookies["MyCookie"] != null && Request.Cookies["MyCookie1"] != null)
{
Request.Cookies["MyCookie"].Expires = DateTime.Now.AddDays(-5);
Response.Cookies.Add(new HttpCookie("MyCookie"));
Request.Cookies["MyCookie1"].Expires = DateTime.Now.AddDays(-5);
Response.Cookies.Add(new HttpCookie("MyCookie1"));
}
Upvotes: 0
Related Questions
- ADFS Single Logout fails with Requester status code
- How to send SAML 2.0 LogOut Request to ADFS?
- Logout request should be signed for ADFS?
- Proper LogoutRequest for Single Logout with ADFS IdP
- ADFS 3.0 Single Sign Out not working
- Signing out of ADFS 3.0 in ASP.net MVC app
- ADFS 2.0 Single Sign Out Not Signing Out
- SAML LogOutRequest processing failed on ADFS server
- Make adfs session cookie persistent after web browser close
- Destination URI missing from SAML 2 LogoutRequest