locked
Signout with AFDS3 with SAML Client RRS feed

  • Question

  • I have implemented SSO using ADFS3. I have logout button for sign out and it’s working fine with my ws-federation passive endpoints . In logout I redirect user to logout.aspx page and there I have written code on page load as.

    WSFederationAuthenticationModule authModule = FederatedAuthentication.WSFederationAuthenticationModule;

    SignOutRequestMessage signOutRequestMessage = new SignOutRequestMessage(new Uri(authModule.Issuer), authModule.Realm);

    String queryString = signOutRequestMessage.WriteQueryString();

    Response.Redirect(queryString);

    One of the application uses SAML so I have created SAML assertion consumer end point. So when I open this application and hit logout it throws error and when I see event log on ADFS:

    Encountered error during federation passive request. 
    
    Additional Data 
    
    Protocol Name: 
    wsfed 
    
    Relying Party: 
    
    
    Exception details: 
    Microsoft.IdentityServer.RequestFailedException: MSIS7055: Not all SAML session participants logged out properly. It is recommended to close your browser.
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSamlLogoutResponse(SamlContext samlContext, Boolean partialLogout, Boolean& logoutComplete)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.ProcessSignOut(SamlContext samlContext, String redirectUri, List`1 iFrameUris, Boolean partialLogout)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.PipelineInitiatedSignout(WrappedHttpListenerContext httpContext, String redirectUri)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolSignoutRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)



    Monday, July 27, 2015 8:47 AM

Answers

  • Hi,
     
    For ADFS related issues, I would suggest you post in the dedicated forum, where you can get more experienced responses:
     
    https://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
     
    The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
     

    Regards,

    Ethan Hua


    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com

    Tuesday, July 28, 2015 9:20 AM