siteminder logout problem

In our application we are using the siteminder for the authentication of the users. Whenever the user is authenticated by the siteminder the user is being taken to the application welcome page.Then user performs his own activities and after that whenever he is logging out, i am taking him to the logout page and before that i am clearing all the sessions using the session.invalidate and also setting the session = null. I porvide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application. So i dont know wht to do. But if i close the window and open the new window i am getting that login prompt.But when the users types the same URL in the same page he is taken into the application without login screen

Please help me with this issue

As I understand siteminder stores the username and password for each application it manages. When a new request comes it checks if the request is authenticated if not, it do the login (using stored user details) to the application and then forward the request to original request.

I provide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application.

This is more of a design issue. Re-login link should point to welcome page not the login page. If the welcome page is protected, appropriate login page will be displayed.

But if i close the window and open the new window i am getting that login prompt.

when you close and re-open the window it is new session; old login is lost

But when the users types the same URL in the same page he is taken into the application without login screen

When you type URI on the same window, it is the same session and login is carried forward.

Hi,

I am using Netegrity Siteminder Webagent.
I am facing problem with the URL
http://*****/OntologyAds/Test.jsp?name=mukund

If I disable the Webagent, this URL is working. But if i enable Webagent its throwing 404 error message.

Can anyone help me in solving this problem

Thanks
Mukund

i also had same issue. but they decided to close the window if user clicks logoff clink. i know its not the solution.

Ravi

Siteminder webagent has bad character configuration on the local config and on the policy server. If you can remove characters that you want to allow in the URL, you can fix this issue.

Limitations of the integration

You will need to remove/change the logout references to logout of Siteminder. We actualy do not do this, as its not really required as its our enterprise SSO and so its unlikely you need to logout of Confluence.

You will need to remove the change password tabs - these are not used (NOTE! Do not do this via the External User Management or you will not be able to use groups!!)

It only works from Confluence 2.1 or later (I have tried in 2.1.x and 2.2.x )