Setting up FormsAuthentication after SSO authentication

后端未结

关注

 2  1941

灰色年华 2021-01-07 07:41

My ASP.NET MVC 4 application is protected by SSO (OAM) with an ISAPI filter running on IIS. When a request to my application is received, it is intercepted by ISAPI filter a

2条回答

既然无缘 (楼主)

2021-01-07 08:25
I had to explicitly kill the session inside Session_Start if requested URL is logout URL. And then with next request (like from logout to login page again), it generates a new session and runs smoothly.
```
protected void Session_Start()
    {
        if (!Request.IsAuthenticated && !IsSignoutURL)
            AcceptSessionRequest(); //process local authentication

        else if (IsSignoutURL)
            RejectSessionRequest(); //kill the sessions
    }
```
For background on how SSO passes authenticated user's identity to my application, read my comment to tvanfosson's post.

The post remains opened for a better idea.
0 讨论(0)

查看其它2个回答
发布评论:

提交评论
- 加载中...