ADFS 2.0 Web 应用注销
[英]ADFS 2.0 Web app signout
问题描述
We are using a customer ASP.NET button to signout of our web app which uses ADFS for authentication.
我们正在使用客户 ASP.NET 按钮注销我们的 web 应用程序,该应用程序使用 ADFS 进行身份验证。 We've tried several options to try and get the app to signout properly but nothing seems to work.我们已经尝试了几个选项来尝试让应用程序正确退出,但似乎没有任何效果。
It generally takes you to the signout page on the federation server which says you have been signed out properly but if you hit back you can still access the web app.它通常会将您带到联合服务器上的注销页面,该页面显示您已正确注销,但如果您回击,您仍然可以访问 web 应用程序。
Tried: https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0试过:https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0
https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0&wreply={post-sign-out_landing_URL} etc https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0&wreply={post-sign-out_landing_URL} 等
Has anyone got this to work properly?有没有人让它正常工作?
Thanks for your time谢谢你的时间
3 个解决方案
解决方案1
8 已采纳 2011-07-08 14:24:30
As I understand you just redirect the user to the ADFS with the appropriate wssignout action.据我了解,您只需使用适当的 wssignout 操作将用户重定向到 ADFS。 This won't delete the authentication cookie created for your application, so the user stays logged on.这不会删除为您的应用程序创建的身份验证 cookie,因此用户保持登录状态。
I use the WSFederationAuthenticationModule to trigger federated signout:我使用 WSFederationAuthenticationModule 触发联合注销:
string absoluteUrl = HttpContext.Request.Url.AbsoluteUri;
string replyUrl = absoluteUrl.Substring(0, absoluteUrl.LastIndexOf("/") + 1);
WSFederationAuthenticationModule.FederatedSignOut(null, new Uri(replyUrl));
I am replying back to the application because I want to be sure that the user is signed out.我正在回复应用程序,因为我想确保用户已注销。
Hope this helps.希望这可以帮助。
解决方案2
1 2011-07-10 20:57:46
For my apps,, using the "?wa=wsignout1.0" URL clears the application FedAuth cookies and the ADFS MSISAuth cookies.对于我的应用程序,使用“?wa=wsignout1.0”URL 清除应用程序 FedAuth cookies 和 ADFS MSISAuth cookies。
You end up on the "You have signed out" page.您最终进入“您已退出”页面。
From there, the back button takes you back to the application but if you try and do anything, you are redirected to ADFS to sign in again.从那里,后退按钮将您带回应用程序,但如果您尝试执行任何操作,您将被重定向到 ADFS 以再次登录。
解决方案3
0 2013-01-21 00:32:34
We too had a similar problem.我们也有类似的问题。 The solution which worked for us recommended to add an Endpoint in the relying party trust in ADFS 2.0 management console.对我们有用的解决方案建议在 ADFS 2.0 管理控制台的信赖方信任中添加一个端点。 Please follow the below steps:请按照以下步骤操作:
Add the signout URL in the google configuration (Advanced ) -> SSO -
在 google 配置 (Advanced) -> SSO - 中添加注销 URL -Log out URL = https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0
注销 URL = https://{DNS_name_of_RP_STS}/adfs/ls/?wa=wsignout1.0Go to the ADFS 2.0 Management console .
Go 到ADFS 2.0 管理控制台。 Under the Endpoints tab, click Add在端点选项卡下,单击添加Endpoint Type = SAML Logout, Binding = POST, URL = https://myadfsserver.domain.net/adfs/ls/?wa=wsignout1.0 You can set a response URL if you want it to redirect to another page but we like the ADFS site since it warns that you are logged off but you should still close your browser.
Endpoint Type = SAML Logout, Binding = POST, URL = https://myadfsserver.domain.net/adfs/ls/?wa=wsignout1.0 You can set a response URL if you want it to redirect to another page but we like ADFS 站点,因为它警告您已注销,但您仍应关闭浏览器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.