Sun OpenSSO Enterprise Policy Agent 3.0 Guide for Microsoft Internet Information Services (IIS) 6.0

Creating and Adding Logout URLs in a CDSSO Deployment

If Cross-Domain Single Sign-On (CDSSO) is enabled for the agent, the OpenSSO logout URL cannot clear the cookies in the agent domain, and you must create two logout pages as IIS 6.0 resources.

ProcedureTo Create the Logout URL Pages

  1. Create two logout URL pages as IIS 6.0 resources. For example: logout.html and logout2.html

  2. Store the logout URL pages in the doc directory of the IIS 6.0 instance. The default directory is C:\inetpub\wwwroot.

  3. Make sure you can access the logout URLs from a browser. For example:

    • http://agenthost.example.com:port/logout.html

    • http://agenthost.example.com:port/logout2.html

ProcedureTo Add the Logout URLs in the OpenSSO Console

  1. Login to the OpenSSO console as amadmin.

  2. Click Access Control, realm-name, Agents, and then the profile name for the IIS 6.0 agent.

  3. On the agent Edit page, click OpenSSO Services.

  4. Under Agent Logout URL, add the logout URLs. For example:

    • Logout URL: http://agenthost.example.com:port/logout.html

    • Logout Redirect URL: http://agenthost.example.com:port/logout2.html

  5. Click Save.

  6. On the agent Edit page, click Application.

  7. Add the same URLs as Not Enforced URLs:

    • http://agenthost.example.com:port/logout.html

    • http://agenthost.example.com:port/logout2.html

  8. Click Save.

Next Steps

The logout links in an application deployed on the IIS 6.0 instance should invoke the logout URL used in this procedure.