This looks OK. Can you confirm (using something like Firefox's Live HTTP Headers add-on) that the Set-Cookie contains the values you expect? After you've been redirected to the global logout page, check your cookies to see that the service cookie's actually invalidated.
andrew On Apr 17, 2012, at 5:01 PM, Houtzager, Guus wrote: > Hi, > > Sorry to bother you again, but I’ve got an issue with the logout procedure. > I’m running into the issue of the filter cache, so after doing logout I can > still get in within a small time period. I’ve read the FAQ but still can’t > quite get it to work. I hope you can point me in the right direction. > > I created a logout script, accessible at https://sso.example.com/logout.php. > Content is similar as to the provided script in the distribution: > <?php > /* change 'central' to the url of your weblogin server */ > $central = "https://sso.example.com/cosign-bin/logout";; > $service_name = $_SERVER['COSIGN_SERVICE']; > > setcookie($service_name, '', 1, '/', '', false, true ); > > /* make any local additions here (e.g. expiring local sessions, etc.), > but it's important that there be no output on this page. */ > > header( "Location: $central" ); > exit; > ?> > > From the distribution I’ve modified the verify-logout.html template, but it > still contains: > <form name="f" method="post" action="/cosign-bin/logout"> > <h1>Log Out</h1> > <p>You are about to log out of <a href="/services/">all > weblogin applications</a>. > Are you sure you want to do this?</p> > <p> > <input type="button" id="back" value="Go Back" /> > <input type="submit" id="logout" name="verify" > value="Log Out" /> > </p> > <div class="redirect">After logout your browser > will redirect to: $u</div> > <input type="hidden" name="url" value="$u" /> > </form> > > In cosign.conf I’ve got this line to redirect to a different page after > logout: > set cosignlogouturl https://sso.example.com/loggedout.html > Which does lists the services available behind cosign, nothing special. > > If I start on the logout.php page, it directs nicely to the cosign-bin/logout > page, and after I press the Submit button, it directs me to the > loggedout.html. So I think the flow is doing what it should. > > I thought this should do the trick, but it doesn’t. Any suggestions? > > Regards, > > -- > Guus Houtzager | Project Resource Center | R21 Infrastructure Services > T. +31 30 689 10 51 | M. +31 6 27 159 035 > http://www.nl.capgemini.com > > > > > > > > > > This message contains information that may be privileged or confidential and > is the property of the Capgemini Group. It is > intended only for the person to whom it is addressed. If you are not the > intended recipient, you are not authorized to > read, print, retain, copy, disseminate, distribute, or use this message or > any part thereof. If you receive this message > in error, please notify the sender immediately and delete all copies of this > message. > ------------------------------------------------------------------------------ > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free. > http://p.sf.net/sfu/Boundary-dev2dev_______________________________________________ > Cosign-discuss mailing list > Cosign-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/cosign-discuss ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss
