Symantec Access Management

  • Private Community

  • 1.  Logoff URI

    Posted Oct 09, 2013 05:16 AM
    Hi,

    I have requirement wherein I need to redirect user to Login page once user clicks on Logout button. Currently, we are redirecting user to standard logout page which is residing on Authentication server hosting the standar login page.

    I tried with adding ?referrer=<application protected URL>, ?goto=<application protected URL> at the end of Logoff URI, so as Logout page should redirect user to application protected page which in turn calls Login page since the session is logged out. Unfortunately, it is not working.

    Can you please let me know what should be the correct approach for redirecting user to login page once they click on logout page button?

    Regards,
    Vishal


  • 2.  RE: Logoff URI

    Broadcom Employee
    Posted Oct 09, 2013 11:29 AM

    vishal-nord wrote:

    Hi,

    I have requirement wherein I need to redirect user to Login page once user clicks on Logout button. Currently, we are redirecting user to standard logout page which is residing on Authentication server hosting the standar login page.

    I tried with adding ?referrer=<application protected URL>, ?goto=<application protected URL> at the end of Logoff URI, so as Logout page should redirect user to application protected page which in turn calls Login page since the session is logged out. Unfortunately, it is not working.

    Can you please let me know what should be the correct approach for redirecting user to login page once they click on logout page button?

    Regards,
    Vishal
    You could have your logoff (unprotected page) be JSP/APS page that can't redirect user back to a protected page
    OR
    Add a META tag to the content of the logoff url page

    in 60 seconds of accessing this page user is redircted to protected page

    <META HTTP-EQUIV="refresh" CONTENT="60;URL=http://myserver.ca.com/app1/protected.html">


  • 3.  RE: Logoff URI

    Posted Oct 10, 2013 01:31 AM
    Thanks Stephen for your input.

    For the 2nd solution, I need to create a separate application specific logout page with Meta Tag and it won't be easy to maintain all these pages when other application also demands to have the same functionlity.

    I still there is some way by which when I click on Logout link(http://<DNS>/Logout/logout.jsp), it should redirect to application page using some method like (http://<DNS>/Logout/logout.jsp?referer=https://<DNS>/protected.html) or (http://<DNS>/Logout/logout.jsp?goto=https://<DNS>/protected.html). I tried that out, but somehow not working.

    Thanks & Regards,
    Vishal


  • 4.  RE: Logoff URI

    Posted Oct 10, 2013 06:07 AM
    Hi Vishal,

    You can try the follwoing in the Logout.fcc

    @smlogout=true
    @target=<Protected application>

    smlogout directive works in place of LogOFF URI

    Hope this helps!!!

    Regards,
    Antony Sunny,
    http://itinfradiscussions.blogspot.com


  • 5.  RE: Logoff URI

    Posted Oct 10, 2013 06:39 AM
    Thanks Antony.

    But I am not looking out for changing anything in centrally placed logout page which is being referred by all the protected web applications.
    I want to make this redirection happen from Logout page URL configured at application end.

    Regards,
    Vishal


  • 6.  RE: Logoff URI

    Posted Oct 10, 2013 09:34 AM
    you stated "..I have requirement wherein I need to redirect user to Login page once user clicks on Logout button. Currently, we are redirecting user to standard logout page which is residing on Authentication server hosting the standar login page. ..."

    i'm guessing the use of central logout uri is because your ACO is standardized, you want to minimize the change. with your setup, you informed the application to href the logout/signout w/ the uri that you defined in the logoffuri. so when the user click on the logout, smsession is set to loggedoff. and the content of the logout page that reside on the standard login page is displayed

    now you want "... to redirect user to Login page once user clicks on Logout button ... Stephen suggestiion should work

    but then your recent replied was "...I want to make this redirection happen from Logout page URL configured at application end. "

    "Logout page URL configured at application end?" this is not the same as you indicated earlier "standard logout page which is residing on Authentication server hosting the standar login page" thus i'm not following you here.

    on the otherhand, the logoffurl value is URI, and not a full URL. what you posted is a full URL.

    let think outside the box (or let me throw another wrench into this )

    1. the URI that the app is using can be setup on the app side. They can modify that page and have what Stephen suggested to redirect to whereever you want.
    2. the app can add/modify the logoffurl in your localconfig.conf, if you allow local config to happen.

    Tony


  • 7.  RE: Logoff URI

    Posted Oct 10, 2013 09:34 AM
    you stated "..I have requirement wherein I need to redirect user to Login page once user clicks on Logout button. Currently, we are redirecting user to standard logout page which is residing on Authentication server hosting the standar login page. ..."

    i'm guessing the use of central logout uri is because your ACO is standardized, you want to minimize the change. with your setup, you informed the application to href the logout/signout w/ the uri that you defined in the logoffuri. so when the user click on the logout, smsession is set to loggedoff. and the content of the logout page that reside on the standard login page is displayed

    now you want "... to redirect user to Login page once user clicks on Logout button ... Stephen suggestiion should work

    but then your recent replied was "...I want to make this redirection happen from Logout page URL configured at application end. "

    "Logout page URL configured at application end?" this is not the same as you indicated earlier "standard logout page which is residing on Authentication server hosting the standar login page" thus i'm not following you here.

    on the otherhand, the logoffurl value is URI, and not a full URL. what you posted is a full URL.

    let think outside the box (or let me throw another wrench into this )

    1. the URI that the app is using can be setup on the app side. They can modify that page and have what Stephen suggested to redirect to whereever you want.
    2. the app can add/modify the logoffurl in your localconfig.conf, if you allow local config to happen.

    Tony


  • 8.  RE: Logoff URI

    Posted Oct 11, 2013 06:06 AM
    Thanks Tony for your input in this.

    You understood it correctly " application to href the logout/signout w/ the uri that you defined in the logoffuri. so when the user click on the logout, smsession is set to loggedoff. and the content of the logout page that reside on the standard login page is displayed"
    Currently, the same thing happening and central logout page is getting displayed to user once they click on logout.

    Now, what I want to achieve is a redirectional call to application protected page(which in turns prompt for login) once user hits a logout button and this needs to be implemented without modifying existing logout page/creating a new application specific logout page.

    I hope it is much clear now. Please suggest me a workaround here.

    Regards,
    Vishal