Hi AF team,
At the moment when you click the AF sign-out page, it loads the AF main
template without anything in the middle (no block).
Following is the code in site/pages/logout.jag
<%
include("/jagg/jagg.jag");
include("/jagg/constants.jag");
var site = require("/site/conf/site.json");
(function () {
session.put('application_list',null);
session.put("last_backend_access_time_for_getting_appList",null);
session.put('authenticatedCookie',null);
jagg.render({
"name":"page/base",
"inputs":{
"title":"WSO2 App Factory",
"pagePath":"/site/pages/logout.jag",
"body":[
{
"name":"layout/base",
"inputs":{
"title":"Logout",
"middle":[
{
"name":"logout"
}
]
}
}
]
}
});
}());
%>
What happens from here is, code at
site/themes/default/templates/logout/template.jag
is executed.
<% jagg.template("logout", function(inputs, outputs, jagg) { %>
<%
include("/jagg/constants.jag");
include("/jagg/config_reader.jag");
var security =require("sso");
var ssoRelyingParty = new
security.SSORelyingParty(getProperty(SSO_NAME));
try{
var samlLogoutRequest =
ssoRelyingParty.getSAMLLogoutRequest(session.get("LOGGED_IN_USER"),
session.getId());
var encodedRequest =
ssoRelyingParty.encode(samlLogoutRequest);
var relayState = ssoRelyingParty.getUUID();
var idpURL = ssoRelyingParty.getProperty(
"identityProviderURL");
} catch (e) {
response.sendRedirect("/" + getProperty(WEB_CONTEXT_ROOT));
}
%>
<div>
<p>You are now redirected to Stratos Identity. If the
redirection fails, please click the post button.</p>
<form method="post" action="<%=idpURL%>">
<p>
<input type="hidden" name="SAMLRequest"
value="<%= encodedRequest %>"/>
<input type="hidden" name="RelayState" value="<%=relayState%>"/>
<button type="submit">POST</button>
</p>
</form>
</div>
<script type = "text/javascript" >
document.forms[0].submit();
</script>
<% }); %>
This behaviour loads and ugly page at the time of sign-out. But we can fix
it by adding the code in site/themes/default/templates/logout/template.jag
to site/pages/logout.jag. It will create a nice SSO flow when a user signs
out.
site/pages/logout.jag will look like following with this change.
<%
include("/jagg/jagg.jag");
include("/jagg/constants.jag");
var site = require("/site/conf/site.json");
include("/jagg/constants.jag");
include("/jagg/config_reader.jag");
var security =require("sso");
var ssoRelyingParty = new
security.SSORelyingParty(getProperty(SSO_NAME));
try{
var samlLogoutRequest =
ssoRelyingParty.getSAMLLogoutRequest(session.get("LOGGED_IN_USER"),
session.getId());
var encodedRequest =
ssoRelyingParty.encode(samlLogoutRequest);
var relayState = ssoRelyingParty.getUUID();
var idpURL =
ssoRelyingParty.getProperty("identityProviderURL");
} catch (e) {
response.sendRedirect("/" + getProperty(WEB_CONTEXT_ROOT));
}
%>
<div>
<p>You are now redirected to Stratos Identity. If the
redirection fails, please click the post button.</p>
<form method="post" action="<%=idpURL%>">
<p>
<input type="hidden" name="SAMLRequest"
value="<%= encodedRequest %>"/>
<input type="hidden" name="RelayState" value="<%=relayState%>"/>
<button type="submit">POST</button>
</p>
</form>
</div>
<script type = "text/javascript" >
document.forms[0].submit();
</script>
Shall we make this change to logout.jag ? I have tested this in my setup
and there is no affect to the functionality/ I got Chanaka's advice when
fixing this redirection flow.
Regards,
AmilaM.
--
*Amila Maharachchi*
Senior Technical Lead
WSO2, Inc.; http://wso2.com
Blog: http://maharachchi.blogspot.com
Mobile: +94719371446
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
