Discussions
Categories
- 197K All Categories
- 2.5K Data
- 546 Big Data Appliance
- 1.9K Data Science
- 450.8K Databases
- 221.9K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 552 MySQL Community Space
- 479 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.1K ORDS, SODA & JSON in the Database
- 556 SQLcl
- 4K SQL Developer Data Modeler
- 187.2K SQL & PL/SQL
- 21.4K SQL Developer
- 296.4K Development
- 17 Developer Projects
- 139 Programming Languages
- 293K Development Tools
- 110 DevOps
- 3.1K QA/Testing
- 646.1K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 159 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.2K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 19 Java Essentials
- 162 Java 8 Questions
- 86K Java Programming
- 81 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 205 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 468 LiveLabs
- 39 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.7K Other Languages
- 2.3K Chinese
- 175 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 233 Portuguese
Adf Application SSO logout redirect
Hi,
I use the following code to redirect when invoking the OAM SSO logout request in a ADF application.
But this redirects to a generic logout page and I wanted it to redirect back to the SSO login page, where can I do this configuration?
JDeveloper version 12.2.1.3.0
Regards,
João Rodrigues
Answers
-
Timo Hahn Senior Principal Technical Consultant - Oracle ACE Director Member, Moderator Posts: 38,590 Red DiamondHave you tried the method given in the doc https://docs.oracle.com/cd/E52734_01/oam/AIAAG/GUID-59955940-247A-4F1C-B459-7807C7643FD5.htm#AIAAG2207
Timo
-
Hi Timo,
I'm working with João on this and the issue we are facing now is that when we are using SSO, on logout we are calling OAM and defining the end_url.
When we click in logout it redirects to OAM and the logout is done but there is a afrRedirect that is apended on the end_url
When we login again once OAM redirects to the application the URL has that afrRedirect and fails to load the page with a 404 - Not Found, even though the login is performed.
If we remove the afrRedirect the application shows up with the user logged in.
Another thing we tested was that if we logout in the browser using the intended URL the issue does not happen.
Can you please shed some light of where this afrRedirect comes from and how can we get rid of it?
Thanks in advance,
Jose Passos
-
Timo Hahn Senior Principal Technical Consultant - Oracle ACE Director Member, Moderator Posts: 38,590 Red Diamond
I guess the token is appended by the framework's session life cycle. Here the framework sees that you try to navigate to a faces page and somehow know that you were there before. The token is normally used to session tracking.
What I did in this kind of situation was to set the redirect url to a page that is plain HTML and don'T use security at all. Just a plain page that shows the user that he has been logged out successfully. You can add a button to link to the login page if you like. If the user clicks the link or button he's transferred to the normal login page but gets a new fresh token.
Timo
-
Hi Timo,
Thanks but that how currently is, but it is not an option because all apps in the project are expected to redirect to Login page. Ultimately OAM will redirect to AD login page.
Is there any way to clean those IDs by invalidating anything?
Thanks in advance,
Jose Passos
-
Timo Hahn Senior Principal Technical Consultant - Oracle ACE Director Member, Moderator Posts: 38,590 Red Diamond
You can try to do the logout as described in my last response, but instead of showing a button or link do a direct redirect to the home page. This worked for me in older versions. I did not test this in 12.2.1.x
Timo
-
Hi Timo,
We've managed to bypass the issue by setting the URL with some extra chars like /CPM/faces/Home?1=1 or something like that.
By doing this the afrRedirect is still sent on the Logout but apparently bypasses the issue on the next Login as adf seems to understand this as a new request.
Also, dispite this extra bit being always the same, it seems to do the trick as we managed to logout and login several consecutive times without the issue (so only if we point to the "clean" face the issue appears).
Thanks for support though :)
Regards,
Jose Passos