topic Re: alfresco share logout with external SSO in Alfresco Archive

alfresco share logout with external SSO

bharathmallela — Thu, 27 Oct 2016 05:13:49 GMT

HI ,I have include the alfresco in .Net Application has Tab, configured Alfresco with external SSO .we have common log out button for entire application ,i need to invalidate the alfresco session when we click common logout.Any suggestions how to invalidate the alfresco user session.ThanksBharath

Re: alfresco share logout with external SSO

idwright — Thu, 27 Oct 2016 08:47:23 GMT

This depends on which version you're using.

In recent versions you need to do a POST to /page/dologout - you can use redirectURL and redirectURLQueryKey/redirectQueryKeyValue to determine where the request ends up.

In earlier versions this was a GET

Normally I would expect the redirectURL to take you to the SSO logout - you've got to logout of both Alfresco and SSO for it to be effective

You can end up with a 401 response even if it's worked

Re: alfresco share logout with external SSO

bharathmallela — Thu, 27 Oct 2016 10:51:10 GMT

Hi Ian,

Thanks for suggestion.

I am using alfresco 5.0.1 .

yes it helps, if I implement logout mechanism from alfresco ,It was working from alfresco logout.

referred from your blog Alfresco CAS Integration

but the logout button was enabled in .Net application.

when user clicks on logout button from .Net application, i need clear the alfresco user session ??

hope you understand my problem

Thanks

Bharath

Re: alfresco share logout with external SSO

idwright — Thu, 27 Oct 2016 11:20:00 GMT

Providing that the CSRF config doesn't get in the way, it should be possible to post to that link from your .Net application - posting to that link will clear the Alfresco user session.

One thing to be aware of it that if the user is still signed in to SSO then you have to be careful that they don't get automatically logged back in - I think that's where the redirectURL parameter is important for your use case.

Re: alfresco share logout with external SSO

bharathmallela — Fri, 28 Oct 2016 08:40:06 GMT

Thanks for your response

we tried to post the URL share/page/dologout from .Net application.

user session got invalidate, but it was not redirecting to URL mentioned in redirectURL

Thanks

Bharath

Re: alfresco share logout with external SSO

idwright — Fri, 28 Oct 2016 08:57:14 GMT

I think your main aim was to get the user session invalidated so hopefully your problem is solved now, at least from an Alfresco point of view

What happens with the redirection will depend on how you are dealing with the response to your post - perhaps you need to log out of SSO before logging out of Alfresco in your case.

I find it helpful to follow the requests to see what is happening e.g. using the Live HTTP Header add on in Firefox

Another option might be to use javascript to trigger the logout menu option in your tab

Re: alfresco share logout with external SSO

bharathmallela — Mon, 21 Nov 2016 08:59:21 GMT

Hi Ian,

the dologout URL is not working in distributed distributed ??

distributed, i mean installed .NET application and alfresco in different severs

The same is working fine ,with localhost domain.

traced the URL in logs, the request has been served by alfresco ,i got 401 unauthorised error ,but the user session is not validating properly.

any change required from alfresco side for distributed distributed ??

Thanks in advance !!!

Thanks

Bharath

Re: alfresco share logout with external SSO

birundha — Sat, 24 Feb 2018 10:27:14 GMT

how did you call "/share/page/dologout" from external application.Can you share an example