Single logout can be incorporated when signing up to applications You can configure single logout in WSO2 App Manager . to automatically sign out from all logged in apps, when you sign out from one.
Configuring WSO2 App Manager
To configure WSO2 App Manager for single logout, you only need to specify the LogOut select Enable Single Logout in the Step 2 - Policies section of creating a Web app, and specify the logout URL of your application app as depicted shown below.
Info |
---|
However, when developing third party web applications, do not include hard coded absolute URLs, in which case, the gateway would be bypassed and your web app will get directly invoked. |
WSO2 App Manager internally converts the Web app URL to a gateway URL. When persisting the logout URL, WSO2 App Manager converts it to gateway URL by the logout acton is appended to the gateway URL by tallying it against the web Web app URL. Hence Therefore, you need to enter the complete logout URL always need to start with web app URL as shown in the below convention.(including the Web app URL).
For example, if your Web app URL is http:
...
//locahost:8080/MyWebapp
...
, the enter the logout URL as follows: http://locahost:8080/MyWebapp/?action=logout
.
Info |
---|
App Manager does not require any sort of special parameters to be present in the logout request, for the above convention. |
Configuring the web app
...
Configuring the Web app
As a best practice, Web apps should not contain any hard-coded resource paths when proxying through WSO2 App Manager. Similarly, if the resource path configured for the logout action of your Web application is absolute, WSO2 App Manager by-passes the gateway and invokes the direct URL, and the action sequence for single logout is not triggered.
Therefore, the logout link configuration in a JSP page of the Web app should contain a relative reference as follows.
<li><a href=<% out.println(".?action=logout"); %>>Logout</a></li>