0 Replies Latest reply on Apr 14, 2014 8:12 AM by mvlonden

    Radius cookies

    mvlonden

      Hi,

       

      For older version of SGD (<4.31) there was a code that expires the Radius cookie upon logout.

      This code doesn't work for the newer version.

      Remold Krol added the following lines in the following files:

       

      httpd-radius.conf:

       

      <Location /sgd >
         Order Allow,Deny
         Allow from env=sgd_noauth_ok
         AuthType Basic
         AuthName "RADIUS Authentication for SGD"
         AuthBasicAuthoritative off
         AuthRadiusAuthoritative on

      AuthBasicProvider radius

       

         AuthRadiusCookieValid 540
         AuthRadiusActive On
         AuthUserFile /dev/null
         Require valid-user
         Satisfy any
      </Location>

       

      logged-out.jsp:

       

          pageContext.removeAttribute(SESSION_OBJ, PageContext.SESSION_SCOPE);
          removeCookie(request, response, pageContext, SESSION_OBJ, getContextPath(request));
          removeCookie(request, response, pageContext, SESSION_OBJ,
                       getServletContext().getInitParameter(ADMINTOOL));
          removeCookie(request, response, pageContext, CLIENT_COOKIE, "/");

       

          removeCookie(request, response, pageContext, "RADIUS", "/");

       

      The main difference between the previous code and this one, is that the previous code expires the Radius cookie upon logout; the new code removes the Radius cookie after being logged-out.

       

      This code was test with version SGD 5.1 (including latest patch).

       

      Hope this also works for you.

       

      Regards,

      Michael