Windows Identity Foundation how to use federated logout properly?

I rolled my own STS provider using WIF and also have a few apps which are Relying Parties. The session timeout on the STS provider is set to 30mins and so are the relying parties.

When a person wants to signout of the Relying Parties and the STS provider they issue a federated logout query parameter to the STS provider.

https://STSProvider.com/Default.aspx?wa=wsignout1.0

This creates a page with image tags that have federated logout requests for all the relying parties they are signed into.

The problem with this is that, since their session timed out on the STS provider then it kicks them back to the login screen. And the page with all the federated logout开发者_如何学Go img tags for the relying parties are not served. So, the person stays logged in to all the relying parties.

What is the best way to handle a federated logout where the STS's session cannot be indefinate?

---

I suppose you authenticate the user on the STS using SessionSecurityToken. If that is the case you can try setting its IsPersistent property to true.

var token = new SessionSecurityToken(...args...);
token.IsPersistent = true;