Symantec Access Management

Hello,

If a user access application protected by siteminder and successfully logged into the app and when he click on logout, it will redirect to www.appname.com/logout.html, where logoffuri is set to /logout.html and the code behind the application logout button is www.appname.com/logout.html and code inside logout.html file is below:

 <meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
 <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
 <META HTTP-EQUIV="Expires" CONTENT="-1">

                         OR

If its a fcc page then the code below:

@smlogout=true
@target=/whicheverpageyouwant.html

What is the significance of logoffuri parameter and where is it getting triggered in above scenario? 

Thank you,

Raja Shravan

If you define logoffuri in your ACO, when that agent finds the request received matches the logoffuri then it will logout the user by removing the user session and the SMSESSION cookie gets set to LOGGEDOFF.

If you did not define the logoffuri and want to termiate user session, you can let the user access an fcc file which contains the following.

@smlogout=true
@target=/whicheverpageyouwant.html

This forces the agent to logout the user session and the SMSESSION cookie gets set to LOGGEDOFF.

In the above use case, it will also redirect the user to the defined target after the logout.

It is just much easier to use logoffuri.