none
Portal Log Out Question RRS feed

  • Question

  • Hi there,

                 We are currently setting up UAG to act as a portal to all our web services. We have successfully published various apps to the portal and have enabled single sign to these mostly using UAG custom log in scripts to pass the credentials through to the application log on forms. However since we have set up the apps to use application specific host names the log out button on most of the apps is useless as it returns the user to the application log in page which UAG then recognises and does what it is told to and fills in the form and promptly logs the user in again. We can by using the customised appwrap functionality to hide the log out buttons on all our apps but what we would really like to do is to use the appwrap functionality to rewrite the logout URL so that by clicking the log out button it sends the user to the portal log out page. Does anyone have experience of doing this via this method or can suggest another way? It isn't so important when someone accesses an app via the portal as we user can go back to the portal to log out, the real problem is when a uses accesses the app via it's specific hostname.

    many thanks,

    Peter 

    Friday, June 24, 2011 1:27 PM

Answers

  • Hi Peter,

    You should be able to do that. From your description of the issue, it sounds like you're pretty familiar with the AppWrap mechanism, so you probably don't need step-by-step instructions. What you should to is "get some inspiration" from UAG's default AppWrap file, found here: ...\von\Conf\WizardDefaults\AppWrapTemplates\HTTPS_WhlFiltAppWrap_ForPortal.xml (NOTE: please do not make changes to this file).

    There are many occurrences in this file where the UAG Logoff URL is used, but since the XML file contains the HTML code encoded in Base64, I will point you to one of these occurrences .

    - Open the HTTPS_WhlFiltAppWrap_ForPortal.xml file using the UAG Editor (found in ...\common\bin)

    - Search for ECP - you should find the following XML remark: <!-- Logoff in ECP -->

    - In this <DATA_CHANGE> section there are 4 (four) <SAR> sections. Go to the last one and decode from Base64 both the <SEARCH> and the <REPLACE> sections. Once decoded, you should have something like this:

      <SAR conditional_variable="DontShowLogoff" conditional_var_value="FALSE">
       <SEARCH encoding="base64"><a class="logOffLink"</SEARCH>
       <REPLACE encoding="base64"><script language="JavaScript" src="WhlOwnURLscripts/CacheClean.js"></script><script language="JavaScript" src="WhlOwnURLlogoffParams.asp?site_name=WhlSiteName&secure=WhlSecure"></script>
    <script language="JavaScript" src="WhlOwnURLscripts/logoff.js"></script><a class="logOffLink"</REPLACE>
      </SAR>

    So you can see how this AppWrap inserts some JavaScript code, to handle cache cleaning (CacheClean.js) and to invoke UAG's logoff URL (WhlOwnURLlogoffParams.asp?...).

    Try to do the same in your custom AppWrap, to replace the original application logout URL with the above.

     

    HTH,


    -Ran
    • Marked as answer by SwanseaPete Wednesday, June 29, 2011 9:16 AM
    Sunday, June 26, 2011 10:37 AM

All replies

  • Hi Peter,

    You should be able to do that. From your description of the issue, it sounds like you're pretty familiar with the AppWrap mechanism, so you probably don't need step-by-step instructions. What you should to is "get some inspiration" from UAG's default AppWrap file, found here: ...\von\Conf\WizardDefaults\AppWrapTemplates\HTTPS_WhlFiltAppWrap_ForPortal.xml (NOTE: please do not make changes to this file).

    There are many occurrences in this file where the UAG Logoff URL is used, but since the XML file contains the HTML code encoded in Base64, I will point you to one of these occurrences .

    - Open the HTTPS_WhlFiltAppWrap_ForPortal.xml file using the UAG Editor (found in ...\common\bin)

    - Search for ECP - you should find the following XML remark: <!-- Logoff in ECP -->

    - In this <DATA_CHANGE> section there are 4 (four) <SAR> sections. Go to the last one and decode from Base64 both the <SEARCH> and the <REPLACE> sections. Once decoded, you should have something like this:

      <SAR conditional_variable="DontShowLogoff" conditional_var_value="FALSE">
       <SEARCH encoding="base64"><a class="logOffLink"</SEARCH>
       <REPLACE encoding="base64"><script language="JavaScript" src="WhlOwnURLscripts/CacheClean.js"></script><script language="JavaScript" src="WhlOwnURLlogoffParams.asp?site_name=WhlSiteName&secure=WhlSecure"></script>
    <script language="JavaScript" src="WhlOwnURLscripts/logoff.js"></script><a class="logOffLink"</REPLACE>
      </SAR>

    So you can see how this AppWrap inserts some JavaScript code, to handle cache cleaning (CacheClean.js) and to invoke UAG's logoff URL (WhlOwnURLlogoffParams.asp?...).

    Try to do the same in your custom AppWrap, to replace the original application logout URL with the above.

     

    HTH,


    -Ran
    • Marked as answer by SwanseaPete Wednesday, June 29, 2011 9:16 AM
    Sunday, June 26, 2011 10:37 AM
  • Thank you Ran for getting back to me. I'll try this today.

    Peter

    Monday, June 27, 2011 8:41 AM
  • That works really well, thanks for your help. In the application I was publishing (blackboard) I have replaced the log out url with the following code in the custom appwrap file

    <APP_WRAP ver="3.0" id="RemoteAccess_HTTPS.xml">
    <MANIPULATION>
     <MANIPULATION_PER_APPLICATION>
                <APPLICATION_TYPE>BlackboardWeb</APPLICATION_TYPE>
                <DATA_CHANGE>
                    <URL case_sensitive="false">.*</URL>
                    <SAR>
       <SEARCH encoding="base64"><a target="_top" href="https://yoururl/webapps/login?action=logout" class="logout topLevel">Logout</a></SEARCH>
     <REPLACE encoding="base64"><script language="JavaScript" src="WhlOwnURLscripts/CacheClean.js"></script><script language="JavaScript" src="WhlOwnURLlogoffParams.asp?site_name=WhlSiteName&secure=WhlSecure"></script>
    <script language="JavaScript" src="WhlOwnURLscripts/logoff.js"></script><a href="WhlLogoffURL" onclick="endSession();"><img src="WhlOwnURLImages/logoutBB.gif"/>Log Out</a></REPLACE>
     </SAR>
                </DATA_CHANGE>
            </MANIPULATION_PER_APPLICATION>
    </MANIPULATION>
    </APP_WRAP>

    As well as inserting the javascript the key to getting this working was the call to the endsession() function in the onclick event of the logout link. I'm not sure whether the WhlLogoffURL as the target of the link is necessary as I think the endSession function will redirect the user to this URL in any case but I've placed it in there for consistency along with the same log out image as on the portal page.

    Thanks,

    Peter

     


    Wednesday, June 29, 2011 9:28 AM
  • Hi Peter,

    Glad to hear you got it to work, thanks for updating.

    Regards,


    -Ran
    Wednesday, June 29, 2011 12:13 PM
  • Is this problem / solution only specific to SharePoint published throug UAG's or could it be any web application?

    I'm currently dealing with a problem whereby a web app that we have published through our UAG's is acting strangely.  Once you login to our web app it is all fine until you go to the one link which is a javascript popup, when I hover or go to the properties of the link it says "javascript: ShowContentWindow(",",true);  When I click on this link I get a popup and see the logofff text that you would usually see on this website once you've logged off (Unauthorized use of this website blah blah blah blah), the other strange thing is that no matter where I am on this web app when I click log off I see the same text I see when I click on the previous link i.e. Unauthorized use of this website blah blah blah.

    When I access the web app internally (i.e. not going through the UAG's) it all works just fine.  Any help on this would be greatly appreciated as I'm really struggling to get my head around this.  Take note, I'm a UAG newbie and everything that was said in the previous post about editing the WhlFiltAppWrap_ForPortal.xml file is all a bit new to me.  Please be gentle :)

    Friday, August 17, 2012 11:07 PM