Tuesday, November 22, 2011

WIF : The FederatedPassiveSignInStatus Control

Doing some WIF development and wanted to sign out the user completely. So I dragged the control from the Toolbox on VS 2010 and then tested it.

WTF - it doesn't do anything.

I set the SignOut action to FederatedPassiveSignOut and had an url for the SignOutPageUrl.

Then I noticed that I'd actually added the control to the Site.Master page so that it would appear on every page on the site. Hmm - but that's not actually a page.

So I removed it and added it to my Home page. Works like a dream.

This may help someone else in the same predicament.

Passive Authentication for ASP.NET with WIF has a good description of SingleSignOut.

Makes the point:

"In more complex scenarios, the same clean-up request should be sent to any other STS involved in the federated session. To that end, the STS would have to have prior knowledge of the clean-up URI for each RP and STS. To support single sign-out, your RPs should be able to process these clean-up requests. Both the FAM and the FederatedPassiveSignInStatus control support this. If you’re using the FAM, the clean-up request can be posted to any URI at the RP and the FAM will process the request and clean up any session cookies. If you’re using the FederatedPassiveSignInStatus control, the clean-up request must be posted to a page that contains the control."


1 comment:

Anonymous said...

This comment helped me. Thanks!