Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[SingleSignOut] Loop when use CasAuthentication.SingleSignOut in ActionResult #110

Open
KhanhVanCong opened this issue Aug 27, 2020 · 4 comments

Comments

@KhanhVanCong
Copy link

Hi team,

  • Now, I have an issue with logout from project ASP.NET MVC 5.

  • In the backend, I have a controller with ActionResult as below

public ActionResult Logout() { CasAuthentication.SingleSignOut(); return RedirectToAction("Index", "Home"); }

  • I have a tag <a href="~/logout"> when user click this tag to logout, it will call ActionResult Logout and execute single sign out . Next, they redirect to CAS server login with URL 'url_cas?service=url_redirect_logout'.

  • We have a problem here, they will loop sign out (call again ActionResult Logout) when the user successfully log in again because the 'url_redirect_logout' will be redirected.

  • I see your code in function CasAuthentication.SingleSignOut, you use HttpContext.Current.Request in function ConstructServiceUrl, it will get the current request, specifically, in my case, it will get URL logout.

  • So, Could you suggest me some solutions to resolve this problem? I hope to hear from your team soon. Thank you so much.

@phantomtypist
Copy link
Contributor

I'm not sure I fully understand here. Can you clearly detail a reproduction scenario for me? Step by step please with as much detail as possible, clearly.

@JanairoRio
Copy link

Hi pretty clear and i have the same problem .
After logout ( with CasAuthentication.SingleSignOut(); on a ResultAction) we got the the SSo connection page with on the url a redirection to our logout ActionResult , we excpeted to have our HomePage.

@TheHokieCoder
Copy link
Contributor

@JanairoRio I believe that when you use the SingleSignOut() method:

  1. That method is performing a redirect via the HTTP request object for you...there is no need or purpose to manually redirecting like @KhanhVanCong included in their code snippet. (see the SingleSignOut() method code)
  2. The method is redirecting to the configured single sign out endpoint for your CAS server, which will help destroy the single sign on session for the user. If there is to be any redirecting after that, it needs to be done by your CAS server because, at that point, the user is no longer in your web application. Do take note that simply "logging out" of your web application and performing a CAS "single sign out" are two different concepts, and I believe is the reason for your confusion about the redirects after calling SingleSignOut().

If I am incorrect in my assumptions about the issue that you are reporting, please provide more detail about the controller actions that are involved, including full method code, as well as your DotNetCasClient configuration from web.config (but please scrub any configuration details that are sensitive to your configuration). Hope this helps!

@AlfMX
Copy link

AlfMX commented Apr 25, 2023

Have same issue:

In my controller, have the method:

`
[HttpGet]

public ActionResult LogOut()

{

   CASAuthorize.ClearSession(HttpContext);

   if (DotNetCasClient.CasAuthentication.GetFormsAuthenticationTicket() != null)

   {

       DotNetCasClient.CasAuthentication.SingleSignOut();

   }

   return View();

}
`

When the users click the button to call the method "https://localhost:44301/Home/LogOut"

The final result is the page:

https://casserver/cas/login?service=https%3a%2f%2flocalhost%3a44301%2fHome%2fLogOut

Here, the user can enter its username/password, but, because the service parameters is redirecting to the LogOut method, the user is logged out again.

So, the question, is it a way to change the service parameter to he home page?
Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants