ACS “deep” Logout
We have the following situation.
Our web application is hosted on Azure as a WebRole.
We are using ACS to provision authentication for some part of the application and as IdPs we are using 2 different ADFS systems as well as 2 WAAD instances.
If someone logs out of our application and they go back and select the ACS login link for the application using their previous IdP, they are automatically logged in without a user/password prompt.
If they close the browser they are prompted.
This is particularly a problem on tablets (e.g. iPad), as users never “close” the browser; they just go to another application. If on an iPad the Safari task is closed, the user is also reprompted for username and password.
Since we are doing a clinical application we cannot rely on them closing the browser and need a way of the ACS logout call logging the user out completely.
The code we are using for Logout is a redirect to ACS:
ACS_FEDERATION_ENDPOINT = https://xxxxxxxxxxx.accesscontrol.windows.net/v2/wsfederation
realm = www.xxxxxxxxxxxx.org.uk etc
var acsSignoutUrl = ACS_FEDERATION_ENDPOINT + "?wa=wsignout1.0&wreply=" + reply + "&wtrealm=" + realm;
Response.Redirect(acsSignoutUrl);
Thanks for any help.
Chris