Hi,
Sorry to bother you again, but I've got an issue with the logout procedure. I'm
running into the issue of the filter cache, so after doing logout I can still
get in within a small time period. I've read the FAQ but still can't quite get
it to work. I hope you can point me in the right direction.
I created a logout script, accessible at https://sso.example.com/logout.php.
Content is similar to the provided script in the distribution:
<?php
/* change 'central' to the url of your weblogin server */
$central = "https://sso.example.com/cosign-bin/logout";
$service_name = $_SERVER['COSIGN_SERVICE'];
setcookie($service_name, '', 1, '/', '', false, true );
/* make any local additions here (e.g. expiring local sessions, etc.),
but it's important that there be no output on this page. */
header( "Location: $central" );
exit;
?>
From the distribution I've modified the verify-logout.html template, but it
still contains:
<form name="f" method="post" action="/cosign-bin/logout">
<h1>Log Out</h1>
<p>You are about to log out of <a href="/services/">all
weblogin applications</a>.
Are you sure you want to do this?</p>
<p>
<input type="button" id="back" value="Go Back" />
<input type="submit" id="logout" name="verify"
value="Log Out" />
</p>
<div class="redirect">After logout your browser
will redirect to: $u</div>
<input type="hidden" name="url" value="$u" />
</form>
In cosign.conf I've got this line to redirect to a different page after logout:
set cosignlogouturl https://sso.example.com/loggedout.html
Which lists the services available behind cosign, nothing special.
If I start on the logout.php page, it directs nicely to the cosign-bin/logout
page, and after I press the Submit button, it directs me to the loggedout.html.
So I think the flow is doing what it should.
I thought this should do the trick, but it doesn't. Any suggestions?
Regards,
--
Guus Houtzager | Project Resource Center | R21 Infrastructure Services
T. +31 30 689 10 51 | M. +31 6 27 159 035
http://www.nl.capgemini.com
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
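
For checking a logout script like the one in the message above: a browser removes a stored cookie only when the name, domain and path of the expiring Set-Cookie match it exactly. The following is an added example, not code from the post or the cosign distribution, that models that rule; the cookie name, the host app.example.com and the /private path are constructed assumptions.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_set_cookie(header, response_host):
    """Extract the fields a browser uses to identify a cookie (name, domain, path)."""
    first, *attrs = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    # Simplification: default path is "/" (a browser derives it from the request URL).
    cookie = {"name": name, "value": value, "domain": response_host.lower(),
              "path": "/", "expires": None}
    for attr in attrs:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "domain" and val:
            cookie["domain"] = val.strip().lstrip(".").lower()
        elif key == "path" and val.strip().startswith("/"):
            cookie["path"] = val.strip()
        elif key == "expires":
            cookie["expires"] = parsedate_to_datetime(val.strip())
    return cookie

def apply_set_cookie(jar, header, response_host):
    """Apply one Set-Cookie header to jar, a dict keyed by (name, domain, path)."""
    c = parse_set_cookie(header, response_host)
    host = response_host.lower()
    # A response may only set cookies for its own host or a parent domain.
    if host != c["domain"] and not host.endswith("." + c["domain"]):
        return jar
    key = (c["name"], c["domain"], c["path"])
    if c["expires"] is not None and c["expires"] <= datetime.now(timezone.utc):
        jar.pop(key, None)  # expiry in the past: removes only the exact match
    else:
        jar[key] = c["value"]
    return jar

def hosts_still_holding(jar, name):
    """Return sorted (domain, path) pairs that still store a cookie called name."""
    return sorted((d, p) for (n, d, p) in jar if n == name)

# Constructed sample data: the cookie name and app.example.com are assumptions.
SERVICE = "cosign-example"
EXPIRE = SERVICE + "=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; HttpOnly"

def demo():
    jar = {(SERVICE, "sso.example.com", "/"): "a",
           (SERVICE, "app.example.com", "/"): "b",
           (SERVICE, "sso.example.com", "/private"): "c"}
    apply_set_cookie(jar, EXPIRE, "sso.example.com")
    return hosts_still_holding(jar, SERVICE)

if __name__ == "__main__":
    print(demo())
```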