5

I see that the FedMetadata document can provide signout notification and subscription endpoints, and web.config defines the issuer url for sign in requests, but I can't find where WIF knows to send sign out requests. If the STS I'm using defines different endpoints for sign in and sign out requests, how could I access that in code or set that up in web.config?

ryanhallcs

1 Answer

4

By default, WIF will redirect to the same STS endpoint for sign-out as was used for sign-in. To direct to a different endpoint, you'll need to override the sign-out action using FederatedSignOut:

// Module instance configured in web.config (supplies the realm)
WSFederationAuthenticationModule authModule = FederatedAuthentication.WSFederationAuthenticationModule;

string signoutEndpoint = "http://STS/yourendpoint/";  // This can be stored in your configuration app settings
string signoutUrl = WSFederationAuthenticationModule.GetFederationPassiveSignOutUrl(signoutEndpoint, authModule.Realm, null);

// currentPage: URL to return to after sign-out (not defined in this snippet)
WSFederationAuthenticationModule.FederatedSignOut(new Uri(signoutUrl), new Uri(currentPage));

Hopefully this helps.

Garrett Vlieger
  • This is what I needed to know. I had put the endpoint in the config, but wanted to make sure I wasn't missing a WIF parameter that took the url in instead. – ryanhallcs Jan 10 '12 at 20:43
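
An added example, not part of the original answer or of WIF itself: a helper that takes the sign-out endpoint from configuration as discussed above, falls back to the sign-in issuer when none is set, and validates both the endpoint and the reply URL before calling FederatedSignOut. The appSettings key `StsSignOutEndpoint` and the class and method names are assumptions; the namespace assumes WIF 3.5 (`Microsoft.IdentityModel.Web`), which on .NET 4.5 becomes `System.IdentityModel.Services`.

```csharp
using System;
using System.Configuration;
using System.Web;
using Microsoft.IdentityModel.Web; // assumption: WIF 3.5; .NET 4.5 uses System.IdentityModel.Services

public static class SignOutHelper
{
    // Hypothetical appSettings key holding the STS sign-out endpoint.
    private const string SignOutEndpointKey = "StsSignOutEndpoint";

    // Uses the configured endpoint, or the sign-in issuer when none is set,
    // and rejects anything that is not an absolute https URL.
    public static Uri ResolveSignOutEndpoint(string configured, string issuer)
    {
        string candidate = string.IsNullOrEmpty(configured) ? issuer : configured;
        Uri endpoint;
        if (!Uri.TryCreate(candidate, UriKind.Absolute, out endpoint) ||
            endpoint.Scheme != Uri.UriSchemeHttps)
        {
            throw new ConfigurationErrorsException(
                "STS sign-out endpoint must be an absolute https URL: " + candidate);
        }
        return endpoint;
    }

    // Accepts a reply URL only on this application's own scheme, host and port,
    // so wreply cannot send the user to an arbitrary site after sign-out.
    public static Uri ResolveReplyUrl(string requested, Uri appRoot)
    {
        Uri reply;
        bool sameOrigin =
            Uri.TryCreate(appRoot, requested ?? string.Empty, out reply) &&
            reply.Scheme == appRoot.Scheme &&
            reply.Port == appRoot.Port &&
            string.Equals(reply.Host, appRoot.Host, StringComparison.OrdinalIgnoreCase);
        return sameOrigin ? reply : appRoot;
    }

    public static void SignOut(HttpContext context, string requestedReturnUrl)
    {
        WSFederationAuthenticationModule fam = FederatedAuthentication.WSFederationAuthenticationModule;
        Uri endpoint = ResolveSignOutEndpoint(
            ConfigurationManager.AppSettings[SignOutEndpointKey], fam.Issuer);
        Uri appRoot = new Uri(context.Request.Url, context.Request.ApplicationPath);
        // FederatedSignOut takes the STS address and sets wreply from the reply URL.
        WSFederationAuthenticationModule.FederatedSignOut(
            endpoint, ResolveReplyUrl(requestedReturnUrl, appRoot));
    }
}
```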