If Cross-Domain Single Sign-On (CDSSO) is enabled for the agent, the OpenSSO logout URL cannot clear the cookies in the agent domain, and you must create two logout pages as IIS 7.0 resources.
Create two logout URL pages as IIS 7.0 resources. For example: logout.html and logout2.html
Store the logout URL pages in the doc directory of the IIS 7.0 instance. The default directory is C:\inetpub\wwwroot.
Make sure you can access the logout URLs from a browser. For example:
http://agenthost.example.com:port/logout.html
http://agenthost.example.com:port/logout2.html
Login to the OpenSSO console as amadmin.
Click Access Control, realm-name, Agents, and then the profile name for the IIS 7.0 agent.
On the agent Edit page, click OpenSSO Services.
Under Agent Logout URL, add the logout URLs. For example:
Logout URL: http://agenthost.example.com:port/logout.html
Logout Redirect URL: http://agenthost.example.com:port/logout2.html
Click Save.
On the agent Edit page, click Application.
Add the same URLs as Not Enforced URLs:
http://agenthost.example.com:port/logout.html
http://agenthost.example.com:port/logout2.html
Click Save.
The logout links in an application deployed on the IIS 7.0 instance should invoke the logout URL used in this procedure.