Added an edit with the filter line
Ananace
Just another Swedish programming sysadmin person.
Coffee is always the answer.
And beware my spaghet.
- 1 Post
- 3 Comments
Joined 2 years ago
Cake day: June 11th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I actually recently added the Microsoft logout page to µblocks domain filter at work, since it would every now and then trigger a logout the very first page load after I’d log in to the email there.
This has also somehow caused a bunch of other AD-connected systems to suddenly behave a lot better when it comes to session termination.
Edit: Since people were asking for it, this is what you need to add to the “My filters” tab in your UBO config;
||login.microsoftonline.com/common/oauth2/v2.0/logout^$documentThis will prevent any requests from redirecting you to log out, timeouts etc will still invalidate your session.
I think the login-redirect system is just broken for ADFS, it feels like it adds all the SSO-logout URLs for all systems you’re logged into to the redirect queue when it times your session out.
Which means you’ll have to log in enough times to exhaust that queue before it finally reaches the actual system you’re trying to log into.
But that’s just an assumption.