*
The moose likes Security and the fly likes siteminder logout problem Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "siteminder logout problem" Watch "siteminder logout problem" New topic
Author

siteminder logout problem

parthi
Greenhorn

Joined: Dec 09, 2007
Posts: 5
In our application we are using the siteminder for the authentication of the users. Whenever the user is authenticated by the siteminder the user is being taken to the application welcome page.Then user performs his own activities and after that whenever he is logging out, i am taking him to the logout page and before that i am clearing all the sessions using the session.invalidate and also setting the session = null. I porvide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application. So i dont know wht to do. But if i close the window and open the new window i am getting that login prompt.But when the users types the same URL in the same page he is taken into the application without login screen

Please help me with this issue
Rejeev Divakaran
Greenhorn

Joined: Aug 12, 2007
Posts: 27
As I understand siteminder stores the username and password for each application it manages. When a new request comes it checks if the request is authenticated if not, it do the login (using stored user details) to the application and then forward the request to original request.

I provide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application.

This is more of a design issue. Re-login link should point to welcome page not the login page. If the welcome page is protected, appropriate login page will be displayed.
But if i close the window and open the new window i am getting that login prompt.

when you close and re-open the window it is new session; old login is lost
But when the users types the same URL in the same page he is taken into the application without login screen

When you type URI on the same window, it is the same session and login is carried forward.


Regards,<br />Rejeev<br />Blog: <a href="http://rejeev.blogspot.com/" target="_blank" rel="nofollow">http://rejeev.blogspot.com/</a>
Mukund Kumar
Greenhorn

Joined: Aug 13, 2008
Posts: 1
Hi,

I am using Netegrity Siteminder Webagent.
I am facing problem with the URL
http://*****/OntologyAds/Test.jsp?name=mukund

If I disable the Webagent, this URL is working. But if i enable Webagent its throwing 404 error message.

Can anyone help me in solving this problem

Thanks
Mukund
ravi v kumar
Ranch Hand

Joined: Dec 14, 2004
Posts: 56
i also had same issue. but they decided to close the window if user clicks logoff clink. i know its not the solution.

Ravi
Onkar Shendge
Greenhorn

Joined: May 29, 2002
Posts: 11
Siteminder webagent has bad character configuration on the local config and on the policy server. If you can remove characters that you want to allow in the URL, you can fix this issue.
riyan jason
Greenhorn

Joined: Jul 15, 2010
Posts: 1
Limitations of the integration

You will need to remove/change the logout references to logout of Siteminder. We actualy do not do this, as its not really required as its our enterprise SSO and so its unlikely you need to logout of Confluence.

You will need to remove the change password tabs - these are not used (NOTE! Do not do this via the External User Management or you will not be able to use groups!!)

It only works from Confluence 2.1 or later (I have tried in 2.1.x and 2.2.x )


Riyan
 
 
subject: siteminder logout problem
 
Similar Threads
Problem with siteminder logoff in struts apllication
Problem in siteminder logoff
Prblem in siteminder logoff
problems in logout
problem with siteminder in sturts application