Symantec Access Management

  • Private Community
 View Only

  • 1.  How can I logout the SSO using my own page?

    Posted Feb 16, 2017 01:36 AM

    dear guys,is it possible to use my own page, and with a click on the logout button, then the SSO user logged out.and show the SSO login page.(also means that is there any SSO URL I can use to do logout?)



  • 2.  Re: How can I logout the SSO using my own page?
    Best Answer

    Posted Feb 16, 2017 01:51 AM

    Yes, whatever url you want to use for log off needs :

    - set in logoffuri aco parameter

    - needs to be unprotected 



  • 3.  Re: How can I logout the SSO using my own page?

    Posted Feb 16, 2017 02:20 AM

    Thanks for anwsering,

    for the first sentence"- set in logoffuri aco parameter", does it mean that if I redirect to this page with this configured.I am loggout from the CA SSO?do I need develop this page or it's just a fake page which alias to the SSO real page?

    for the second sentence "- needs to be unprotected" , does it mean that it need out of CA SSO controled,right? or which kind of unprotected?



  • 4.  Re: How can I logout the SSO using my own page?

    Posted Feb 16, 2017 04:01 AM

    for the first sentence"- set in logoffuri aco parameter", does it mean that if I redirect to this page with this configured.I am loggout from the CA SSO?do I need develop this page or it's just a fake page which alias to the SSO real page?


    Ujwol => That's correct. It can be just any page say an html page showing the user is logged out.



    for the second sentence "- needs to be unprotected" , does it mean that it need out of CA SSO controled,right? or which kind of unprotected?


    Ujwol=> Yes,it should not be protected by CA SSO



  • 5.  Re: How can I logout the SSO using my own page?

    Posted Feb 16, 2017 04:34 AM

    Thanks, So if I want it not protected by CA SSO, need I do some extra step to config this on web agent? not just config the logoffuri?



  • 6.  Re: How can I logout the SSO using my own page?

    Posted Feb 16, 2017 06:19 PM

    OK, let's say if you have protected following :

    /root1/

     

    and you want to use /root1/logout.html as your log off page then you will need to explicitly create realm and set it to unprotected (also do not create any rule underneath this realm)

     

    However, if you want to use say /rootnew/logout.html as log off URI then its already not protected by CA SSO, so you do not need to do anything.



  • 7.  Re: How can I logout the SSO using my own page?

    Posted Feb 17, 2017 01:15 AM

    OK,I got it, Thank you very much!.



  • 8.  Re: How can I logout the SSO using my own page?

    Posted Jan 17, 2018 03:10 PM

    I was wondering if you could tell me how the 'logoffuri aco parameter' is set in a SaaS environment. Could I possibly update this myself, or would I need to raise a support case to have the OnDemand team perform the edit?

     

    Thanks,

    Will