i have many asp.net core applications that connected to IdentityServer for the authentication. Before i run these application on the IIS every thing worked as it should. Before running on IIS, every application had its own port on same domain: eg: www.myserver.com:500x.
By moving them to the IIS server, we made those port invisible, so the user just sees the domain without any ports. To identity the requests, we gave every application an alias. The iis forwards the requests to the application, the alias belongs to. Example as following:
www.myserver.com/app1/index --> gets forwarded to application 1 with port 5001. www.myserver.com/app2/index --> gets forwarded to application 2 with port 5002 and so on.
this idea worked fine, but not with the log out. when i log out from a client i call this functions from the client:
public async Task<IActionResult> OnGet()
{
logger.LogDebug("Current Client will be loged out for a user");
await HttpContext.SignOutAsync("oidc");
await HttpContext.SignOutAsync("Cookies", );
return SignOut("Cookies", "oidc");
}
But this deletes the authentication coockies just for the current Client and for the IdentityServer. The coockies at the other clients are not getting cleaned anymore with this code.
I'm not using the Iframe to make the PostLogout procedure. Any idea where should i search for the problem? is it possible to delete all coockies for same domain at the logout call? is it the correct way to solve it?