how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------

Hello Srinivas,

You can use the single-sign-off feature.

More details at:
https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.0/com.ibm.isam.doc/wrp_config/concept/con_single_signoff.html

When you perform /pkmslogut, webseal sends the specific headers and cookies for that junction to backend during /pkmslogout and backend application should perform session logout based on junction cookie.

Thanks, Virag

------------------------------
Viragkumar Shanabhai Motibhai Patel
------------------------------

Original Message:
Sent: Wed June 17, 2020 09:20 PM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------

Thanks Virag Patle for the reply .


  I have an issue to logout session of backed application  based on junction cookie.   because   i have  to access cross domain  Cooke ,is it possible to read cross domain Cookie  ? please suggest .

can we access this junction cookie by any url hit from back-end application  .


in my env webseal is installed on 10.xxx.yyy.zzz   and my client apps are installed on 10.kkk.rrr.ttt  to can i read the cookie set for domain 10.xxx.yyy.zzz   from 10.kkk.rrr.ttt   , please correct me if i am going wrong .

 Thanks 
srinivas

------------------------------
srinivas kumar
------------------------------

Original Message:
Sent: Fri June 19, 2020 02:07 AM
From: Virag Patel
Subject: How to logout all the applications that use webseal as a sso provider

Hello Srinivas,

You can use the single-sign-off feature.

More details at:
https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.0/com.ibm.isam.doc/wrp_config/concept/con_single_signoff.html

When you perform /pkmslogut, webseal sends the specific headers and cookies for that junction to backend during /pkmslogout and backend application should perform session logout based on junction cookie.

Thanks, Virag

------------------------------
Viragkumar Shanabhai Motibhai Patel

Original Message:
Sent: Wed June 17, 2020 09:20 PM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------

Hi Srinivas, My two cents...

On your logout page,  configure a  href/src to a dummy image file which contains href tags to /pkmslogout for all WebSEAL sessions you intend to logout.. Make sure the dummy image file is invoked before application logout page (Add in the head section) . I believe, when WebSEAL logout is invoked from dummy image file,  then each WebSEAL should be able to take of the backend session via single-signoff-uri (As suggested by Virag).

Hope it helps.


Regards,
Rama

------------------------------
Rama Yenumula
------------------------------

Original Message:
Sent: Tue June 30, 2020 12:06 AM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

Thanks Virag Patle for the reply .


  I have an issue to logout session of backed application  based on junction cookie.   because   i have  to access cross domain  Cooke ,is it possible to read cross domain Cookie  ? please suggest .

can we access this junction cookie by any url hit from back-end application  .


in my env webseal is installed on 10.xxx.yyy.zzz   and my client apps are installed on 10.kkk.rrr.ttt  to can i read the cookie set for domain 10.xxx.yyy.zzz   from 10.kkk.rrr.ttt   , please correct me if i am going wrong .

 Thanks 
srinivas

------------------------------
srinivas kumar

Original Message:
Sent: Fri June 19, 2020 02:07 AM
From: Virag Patel
Subject: How to logout all the applications that use webseal as a sso provider

Hello Srinivas,

You can use the single-sign-off feature.

More details at:
https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.0/com.ibm.isam.doc/wrp_config/concept/con_single_signoff.html

When you perform /pkmslogut, webseal sends the specific headers and cookies for that junction to backend during /pkmslogout and backend application should perform session logout based on junction cookie.

Thanks, Virag

------------------------------
Viragkumar Shanabhai Motibhai Patel

Original Message:
Sent: Wed June 17, 2020 09:20 PM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------

I personally think that in a mixed junction/federation environment it is impossible to do this reliably, and a bad idea to implement any system that might be reliant on things working this way.

I know there are a lot of people that don't agree with that point of view, and that's ok. This is just my own thoughts.

Regards,

Shane.

------------------------------
Shane Weeden
IBM
------------------------------

Original Message:
Sent: Wed June 17, 2020 09:20 PM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------

Hello Srinivas,

You can use the single-sign-off functionality to achieve this.

More details at:
https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.0/com.ibm.isam.doc/wrp_config/concept/con_single_signoff.html

When you perform /pkmslogout, webseal sends junction specific header or cookies to backend server and backend application is responsible to terminate session based on provided header or cookies. This allows an option to remove the session on backend server.

Thanks, Virag

------------------------------
Virag Patel
------------------------------

Original Message:
Sent: Wed June 17, 2020 09:20 PM
From: srinivas kumar
Subject: How to logout all the applications that use webseal as a sso provider

how to logout all the applications that use webseal as a sso provider ,As from one of the application i  have hit the url https://<webseal host>/pkmslogout   i want to logout all the application s   which are active in the same browser  .

  for example if i log out  gmail   than google docs , youtube  ,google drive etc will be logged out  similar requirement i have  ,Please suggest

------------------------------
srinivas kumar
------------------------------