Single Sign-On with Thinktecture 2 Identity Server

My understanding regarding Thinktecture Identity Server 2 is that Single Sign Out is not implemented. In other words, when you exit one Relying Party, Identity Server does not automatically sign the user out of any other RP. I know there have been reports of this, but I could not find anything on how to extend Identity Server for this. I saw some posts that say that Identity Server already does this out of the box... if that is the case, I could not find out how to do this.

My SSO works fine with ASP.NET Web Forms, WIF and Identity Server 2, and I can exit the RP just fine, but what I can say is that I need additional code in Identity Server to fully sign the user out of any other RP that he could enter.

Has anyone expanded Identity Server to implement single sign-on?

Is this something that can be configured in Identity Server, or is some coding required?

I would really appreciate understanding if you have it.

Thanks.

+4
1 answer

IdentityServer WS-Federation. RP IdentityServer, IdentityServer RP, IdentityServer WS-Fed. , RP :

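// Requires: using System.IdentityModel.Services; (WIF in .NET 4.5)

// End the local RP session (deletes the session cookie).
var sam = FederatedAuthentication.SessionAuthenticationModule;
sam.SignOut();

// Build a WS-Federation sign-out request addressed to the configured issuer.
var fam = FederatedAuthentication.WSFederationAuthenticationModule;
var signOutRequest = new SignOutRequestMessage(new Uri(fam.Issuer));
// optional -- put your RP URL here
// signOutRequest.Reply = "https://localhost:44321/";

// Send the browser to the issuer with the sign-out request.
var url = signOutRequest.WriteQueryString();
Response.Redirect(url);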
+5

Source: https://habr.com/ru/post/1537580/

