We are using WIF Extension for SAML 2.0 web application and ADFS 2.0 and can’t perform a proper sign out.
The requirement is that upon each login request the user will be prompted for domain credentials .
When user logouts from our application, saml logout request is sent to ADFS and I see that WIF and MSIS cookies are cleared. However, when one tries to login again he isn’t prompted for credentials unless browser is closed or all cookies are cleared manually.
Logout response contains next cookies:
Set-Cookie: MSISAuth1=; expires=Mon, 06-May-2013 16:01:45 GMT; path=/adfs/ls
Set-Cookie: MSISAuth=; expires=Mon, 06-May-2013 16:01:45 GMT; path=/adfs/ls
Set-Cookie: MSISAuthenticated=; expires=Mon, 06-May-2013 16:01:45 GMT; path=/adfs/ls
Set-Cookie: SamlSession=; expires=Mon, 06-May-2013 16:01:45 GMT; path=/adfs/ls
Any help is greatly appreciated. Thanks.