== [[/|Shibboleth]] / IdP Logout == This page documents the IAM built logout capability of the IdP. It is a simple bit of JSP script that detects the presence of the _idp_session cookie in the client browser and then sets the cookie for removal of its present. It also provides a return parameter for returning a client browser back to the control of an application. The following flow diagram helps to illustrate the use of the facility. [[Image(logout.png,33%)]] The code for the logout.jsp can be found in the SVN instance for this project:[[br]] source:/shib-svn/idp-war/trunk/logout.jsp -- ==== Deployment as part of the IdP: ==== Writing of a similar IdP logout.jsp function, On Mon, 12 Nov 2012, at 15:09 , Andrew Morgan wrote: To deploy this, stick [the logout.jsp file] in the root of the WAR file. You can either use zip to add it to the WAR file or a better idea would be to put it in the src/main/webapp/ directory of your Shibboleth install directory. I found another interesting logout idea from NCSU: http://xteams.oit.ncsu.edu/iso/shibboleth/logout They provide multiple logout pages that have different behaviors. We may implement that here at OSU also. I don't know if this information would be worth putting in the wiki, but hopefully the next guy that needs to implement IDP logout will have a better starting point than I did! ==== Test & Usage ==== The following re-directs to a proof-of-concept page in the main IAM wiki after deleting the IdP sesssion: https://idp.alaska.edu/idp/logout.jsp?return=https://iam.alaska.edu/trac/wiki/SSOsessionDestroyed Test behavior by pasting into a browser address. [[br]] Note that if there is no current IdP session, instead of a re-directing to the specified page, this attached login.jsp presents a generic page with the text "You are not logged in."