Blog Portfolio Components Sitefinity
Contact
Blog Portfolio Components Sitefinity
Published on
Wednesday, December 20th 2017

Social Logout in Sitefinity

Authors
  • Twitter Avatar
    Name
    Steve McNiven
    Twitter
    @stevemcniven

This comes from a ticket that took like 9 months to resolve, so I’m posting it to save others the hassle :)

The site has a company login that is *just* Google auth, no SF or any other mechanism to get in.  The problem was on logout of sitefinity the user was still logged into google.  So when they click the sitefinity login button again they don’t even get prompted to log into google (since they already are), sitefinity just sends them right in.

So on a public computer you can see where this causes problems right… if user X forgets to sign out of google and user Y sits down, sitefinity logs user Y in AS user X.

Here’s how to fix this

  1. Configure identity server to allow a specific redirect url after sitefinity logout, you do that here:
  • Authentication
  • SecurityTokenService
  • IdentityServer
  • Clients
  • sitefinity
  • PostLogoutRedirectUris
  • …click Create new, add your Url

SocialLogoutPostLogoutUrl1

So sitefinity’s logout route is this

/Sitefinity/SignOut?sts\_signout=true&redirect\_uri=

One would think you could just change it to be

/Sitefinity/SignOut?sts\_signout=true&redirect\_uri=https://mail.google.com/mail/u/0/?logout&hl=en&hlor

But you would be wrong, this is what took so long to resolve the ticket… the redirect uri actually needs to be ENCODED at this point or it won’t work.

So this URI will work just fine

/Sitefinity/SignOut?sts\_signout=true&redirect\_uri=https%3A%2F%2Fmail.google.com%2Fmail%2Fu%2F0%2F%3Flogout%26hl%3Den%26hlor

What happens from here is you’re sent to the SF logout page, properly logged out from sitefinity then instantly sent over to the google signout page and signed out from there as well.

Works fantastic!

Next Article

Angular widgets in Sitefinity

Previous Article

Free SSL in Sitefinity with LetsEncrypt

Top Posts

  • Kendo Grid: cannot read property data of undefined
  • Avoid Version errors with Assembly Binding
  • Remote certificate is invalid error
  • Sitefinity forms popup template
  • Angular widgets in Sitefinity
  • Testing functionality with cypress.io
  • Supercharge Sitefinity load times with Roslyn
← Back to the blog

Boost your online presence.

Let us create the perfect digital experience for your company.

Contact us now
Twitter GitHub LinkedIn

© 2022 Sitefinity Steve. All rights reserved. XS SM MD LG XL