You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using Duende IdentityServer along with ASP.NET Core Identity in our application. We have implemented SignalR to broadcast logout events across multiple browser tabs. However, we are encountering an issue where, despite logging out from one tab, the other tabs do not log out immediately as expected. This seems to be caused by the AspNetCore.Identity.Application cookie, which persists for a short period after logout.
Here’s an overview of our setup:
We use SignalR to broadcast a logout request to all tabs when the user logs out from one tab.
Our application uses the AspNetCore.Identity.Application cookie for authentication.
We want to either completely eliminate the use of the AspNetCore.Identity.Application cookie or ensure that all tabs are correctly logged out immediately when a logout occurs in any one tab.
The expected behavior is for all tabs to log out simultaneously when one tab logs out. Currently, the other tabs are not logging out correctly until the AspNetCore.Identity.Application cookie expires or is manually cleared.
We have reviewed multiple resources and couldn't find a solution that addresses this behavior in a consistent manner. Here are some of the steps we have taken:
We configured SignalR to broadcast logout events to all tabs.
We ensured that the AspNetCore.Identity.Application cookie is cleared on logout.
Despite these steps, the other tabs remain logged in temporarily due to the lingering cookie.
Questions:
Is there a way to completely eliminate the AspNetCore.Identity.Application cookie when using Duende IdentityServer with ASP.NET Core Identity?
Alternatively, is there a recommended approach to immediately force all tabs to log out upon receiving a SignalR logout event, including the immediate removal of this cookie?
Any guidance on resolving this issue would be greatly appreciated.
Steps to Reproduce:
Login to the application with multiple tabs open.
Log out from one of the tabs, which triggers SignalR to broadcast a logout event.
Observe that the other tabs are not logged out immediately due to the AspNetCore.Identity.Application cookie persisting temporarily.
Additional Information: Here’s a snippet of the logout logic we are using:
Environment:
Duende.IdentityServer.AspNetIdentity: 7.0.5
Microsoft.AspNetCore.Authentication.JwtBearer: 8.0.7
Microsoft.AspNetCore.Identity.EntityFrameworkCore: 8.0.6
Frontend: React with TypeScript
We are using Duende IdentityServer along with ASP.NET Core Identity in our application. We have implemented SignalR to broadcast logout events across multiple browser tabs. However, we are encountering an issue where, despite logging out from one tab, the other tabs do not log out immediately as expected. This seems to be caused by the AspNetCore.Identity.Application cookie, which persists for a short period after logout.
Here’s an overview of our setup:
We use SignalR to broadcast a logout request to all tabs when the user logs out from one tab.
Our application uses the AspNetCore.Identity.Application cookie for authentication.
We want to either completely eliminate the use of the AspNetCore.Identity.Application cookie or ensure that all tabs are correctly logged out immediately when a logout occurs in any one tab.
The expected behavior is for all tabs to log out simultaneously when one tab logs out. Currently, the other tabs are not logging out correctly until the AspNetCore.Identity.Application cookie expires or is manually cleared.
We have reviewed multiple resources and couldn't find a solution that addresses this behavior in a consistent manner. Here are some of the steps we have taken:
We configured SignalR to broadcast logout events to all tabs.
We ensured that the AspNetCore.Identity.Application cookie is cleared on logout.
Despite these steps, the other tabs remain logged in temporarily due to the lingering cookie.
Questions:
Is there a way to completely eliminate the AspNetCore.Identity.Application cookie when using Duende IdentityServer with ASP.NET Core Identity?
Alternatively, is there a recommended approach to immediately force all tabs to log out upon receiving a SignalR logout event, including the immediate removal of this cookie?
Any guidance on resolving this issue would be greatly appreciated.
Steps to Reproduce:
Login to the application with multiple tabs open.
Log out from one of the tabs, which triggers SignalR to broadcast a logout event.
Observe that the other tabs are not logged out immediately due to the AspNetCore.Identity.Application cookie persisting temporarily.
Additional Information: Here’s a snippet of the logout logic we are using:
app.MapPost("broadcast", async (string message, IHubContext context) =>
{
await context.Clients.All.SendAsync(message);
return Results.NoContent();
});
Thank you for your support and assistance!
The text was updated successfully, but these errors were encountered: