Hi Team, We are using component space SSO for the asp.net web application, The SSO will be initiated from the client with client login URL and after login, if the user logout from the application we are supposed to show the client login page again but because of SSO cached data the login page won't ask for authentication, and without any credentials, it will automatically logins to the application.
Reference :ComponentSpace.SAML2 Version:4.7
Please refer to the below code, During Login: Step 1 : user login using the client login page step 2: we receive the request SAMLServiceProvider.ReceiveSSO(Request, out isInResponseTo, out partnerIdP, out authnContext, out userName, out attributes, out targetUrl); after SSO , user logins successfully step 3: user clicks logout Session.Clear(); Session.Abandon(); HttpContext.Current.Session.Clear(); HttpContext.Current.Session.Abandon(); HttpContext.Current.Application.RemoveAll(); HttpContext.Current.Items.Clear(); FormsAuthentication.SignOut(); HttpContext.Current.Response.Cookies.Clear(); we are trying clear session and cookies.
then redirect to the client login page
step 4: client login page won't ask for any credentials and it will log in.
So after clicking logout apart from clearing regular sessions, do we need to perform any SSO-related tasks so we can clear all SSO-related data.
Can anyone please help me with this?
Regards, Kiran sr
|