This topic contains 4 replies, has 2 voices, and was last updated by  Amalg 3 weeks, 5 days ago.

  • Author
    Posts
  • #26527
     Amalg 
    Participant

    Application A is protected by Identity Gateway and when a user clicks on the log out button, I want to destory the session and redirect the user to a openam log out page.

    Any pointers or configuration sample would be helpful for this.

    #26528
     srinath.m 
    Participant

    Hi @amalg,

    Logout with a valid session:
    Trying the logout from XUI : http://openam.example.com:8080/openam/XUI/#logout/&goto=http://bbc.co.uk

    redirects works.

    You can find more details here

    thanks,
    Srinath

    #26529
     Amalg 
    Participant

    Hi @srinath-m,

    This is the application url which is accessed via IG
    http://local.com:9089/cookiesession/ and the user reaches the page

    http://local.connectme.us:9089/cookiesession/home.jsp. There is log out button and when the user click on it, IG must destory the session and redirect the user to AM log out page.
    Here AM is protected by IG also http://local.com:9089/openam/.

    Directly configuring the logout action is throwing an forbidden error and redirects the user to the login page, which is not desirable.

    Is there a way i can configure the route to log out?

    IG Route:
    {
    “name”: “cookiesession”,
    “baseURI”: “http://local.com:8080”,
    “condition”: “${matches(request.uri.path, ‘^/cookiesession’)}”,
    “capture”: [
    “response”,
    “request”
    ],
    “heap”: [
    {
    “name”: “ReverseProxyHandler”,
    “type”: “ReverseProxyHandler”,
    “capture”: [
    “response”,
    “request”
    ]
    },
    {
    “name”: “capture”,
    “type”: “CaptureDecorator”,
    “config”: {
    “captureEntity”: true,
    “captureContext”: true
    }
    },
    {
    “name”: “ForgeRockClientHandler”,
    “type”: “Chain”,
    “config”: {
    “filters”: [
    “TransactionIdOutboundFilter”
    ],
    “handler”: “ClientHandler”
    },
    “capture”: [
    “response”,
    “request”
    ]
    }
    ],
    “handler”: “ReverseProxyHandler”
    }

    #26530
     srinath.m 
    Participant

    Hi ,

    In our use case, we are protecting our applications by IG and in the application, we are using AM logout url to logout of the application.
    https://openam.example.com/openam/UI/Logout/ – This destroys the session and redirect to AM logout page.

    #26531
     Amalg 
    Participant

    @srinath-m

    Thanks a lot

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?