[quote][/quote]
Sorry, I misunderstood your question.
You can send the return URL as relay state when you call SAMLServiceProvider.InitiateSSO.
For example, in your login page:
var returnUrl = Request.QueryString["ReturnUrl"];
SAMLServiceProvider.InitiateSSO(Response, returnUrl, partnerIdP);
When you call SAMLServiceProvider.ReceiveSSO, the targetUrl output parameter should be set to the returnUrl parameter passed in as the relay state to SAMLServiceProvider.InitiateSSO.
You should check that the targetUrl is within your web application to avoid potential open redirect attacks.
Alternatively, you could store the returnUrl in your ASP.NET session or elsewhere rather than using relay state/target URL.
You can send the return URL as relay state when you call SAMLServiceProvider.InitiateSSO.
For example, in your login page:
var returnUrl = Request.QueryString["ReturnUrl"];
SAMLServiceProvider.InitiateSSO(Response, returnUrl, partnerIdP);
When you call SAMLServiceProvider.ReceiveSSO, the targetUrl output parameter should be set to the returnUrl parameter passed in as the relay state to SAMLServiceProvider.InitiateSSO.
You should check that the targetUrl is within your web application to avoid potential open redirect attacks.
Alternatively, you could store the returnUrl in your ASP.NET session or elsewhere rather than using relay state/target URL.
Nice. I am using Session to preserve the "ReturnURL". It works perfectly.
After logout, it redirect to ADFS login page, with query string SAML
https://adfs.pcci.edu/adfs/ls/?SAMLRequest=hZLLTsMwEEV%2FJfI%2Bz6bQWm2l0gpRqUBECws2aJJMqCXHDh6Hx9%2FjpFBg0bL0aO7cM3M9Iahlw%2Bet3ak7fGmRrLdaTtlTngxLrBLwxynEflpGI398Nqz8UYz5IMlTGAEy7wENCa2mLAki5q2IWlwpsqCsK0XxyI%2BGfnS%2BjVM%2BiPlgGETj5JF5S%2BciFNheubO2IR6GUFYUNEUhAizb%2FhVKCpl3qU2BPd%2BUVSAJO58MiMQrHiqZ0VYXWl4IVQr1PGWtUVwDCeIKaiRuC76ZX6%2B54%2BT5von41Xab%2BdntZsu8ORGaDmihFbU1mg2aV1Hg%2Fd36B9E67kCK3ID5OKByt2cah9308NiUAKh5Z957LRXx%2FuKnCZuvddhs0nXz%2FrDml%2F60HL4x2KxD%2F4d8Ev7y2Bs2%2FMYNXS0zLUXx0UVQgz3uGQdxXxGlX%2FWtvFXUYCEqgaW7rZT6bWEQrAvMmtblFc72rn9%2F3uwT&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=VddFSGRMyqbm5j2vW9DGvDlDr%2FaKFFY0%2B9DrZlfcTSrMqS0AQAPKE%2BE3HOU1cMWLZzuuldfoPwizQePl1z%2FNJx5%2B93qNKP1o0JawQChZUt9OlhPc%2BwZQJQ70AI4XHgyQo1GMqKZuQICz%2FJwzWbWcCwf%2FrTy2htRau5k4e0xYQI2T%2FW19cABFVwxyd8viwggp0LVtBdALDZXVc%2FpjXgyoiMBaX5ZfkjFyhvhxSkhFoG8pURrtnkS0PsGLPhvgVtH1m2ZBu6NdgfbK8TF9o16icoinp4TN4r8I21WM1u%2BmLprknLYZ1m1nvZieSxEl%2B8FyYxgdvaKTKLhBoI6nwI1Pfw%3D%3D
With username/password there, it is possible for the user to login again and expecting to redirect to previous page on Service Provider (the page where user click "Logout", it can be anywhere on the website). but, it is not the case. the SAMLRequest is the logout request and it will hit SLOService.aspx first. Is there any way to prevent this?