I have several WIF applications making use of an ADFSv2 STS. They were all configured by running FEDUTIL. For some of these applications calling the adfs/ls/?wa=wsignout1.0 mechanism succeeds in clearing the session cookies. However, for others among these WIF sites calling adfs/ls?wa=wsignout1.0 results in the ADFS cookies (MSIS*) being cleared but the fedauth cookies for the specific web site are left intact even though Fiddler shows a GET to the application URL with a ?wa=signoutcleanup1.0 parameter. Fiddler shows there is no "set" cookie being transmitted to expire the fedauth cookies as there is for the MSIS cookies.
The ADFS trace log reports an event 78 complaining about an invalid string in the signout cookie. I am not having any success tracking down why the signout cookie is holding bad information. The trace log shows the following text.
<EventData>Ignoring Invalid entry 'signoutCleanup;https%3a%2f%2ffs.company.com%2fsamplewif2%2f&SampleWIF2&https%3a%2f%2ffs.company.com%2fsamplewif2%2f&https%3a%2f%2ffs.company.com%2fsamplewif2%2f' in signout cookie.</EventData>
My theory is that there is some case-sensitive comparison happening or perhaps a trailing slash is present or missing in some part of the configuration.
What is the best way to determine why the cookie entry is "invalid"?
Randy
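
One way to test the case and trailing-slash theory against the logged entry, as an added example that is not part of the original post: the script splits and percent-decodes the entry, then classifies how each URL field differs from a configured identifier. The field layout (tag, then "&"-separated fields) is inferred from the logged text alone, the function names are hypothetical, and the configured value is a constructed stand-in for whatever the application's web.config or the relying party trust actually holds.

```python
from urllib.parse import unquote, urlsplit

# Entry text copied from the event 78 message quoted in the post.
LOGGED_ENTRY = (
    "signoutCleanup;https%3a%2f%2ffs.company.com%2fsamplewif2%2f"
    "&SampleWIF2&https%3a%2f%2ffs.company.com%2fsamplewif2%2f"
    "&https%3a%2f%2ffs.company.com%2fsamplewif2%2f"
)


def split_entry(entry):
    """Split 'tag;f1&f2&...' and percent-decode each field.
    Layout is an assumption inferred from the logged text only."""
    tag, _, rest = entry.partition(";")
    return tag, [unquote(f) for f in rest.split("&")]


def compare(configured, logged):
    """Classify how a logged field differs from a configured identifier."""
    if configured == logged:
        return "exact"
    if configured.rstrip("/") == logged.rstrip("/"):
        return "trailing-slash"
    if configured.lower() == logged.lower():
        return "case"
    if configured.rstrip("/").lower() == logged.rstrip("/").lower():
        return "case+trailing-slash"
    return "different"


def check_entry(entry, configured_values):
    """Return (field, configured, verdict) for every URL field in the entry."""
    _, fields = split_entry(entry)
    report = []
    for field in fields:
        if not urlsplit(field).scheme:
            continue  # skip non-URL fields such as 'SampleWIF2'
        report.extend((field, cfg, compare(cfg, field)) for cfg in configured_values)
    return report


if __name__ == "__main__":
    # Constructed value: replace with the identifiers from your own configuration.
    configured = ["https://fs.company.com/SampleWIF2"]
    for field, cfg, verdict in check_entry(LOGGED_ENTRY, configured):
        print(f"{verdict:20} logged={field!r} configured={cfg!r}")
```

Any verdict other than "exact" marks a spot where an ordinal string comparison would fail; whether ADFS rejects the entry for that reason is not established by the page.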