For logging users out, you should disable log out from ATG Self Service by hiding the link.
Otherwise, you need to make sure that the logout action from ATG Self Service logs out the user from your single sign-on scheme.
To do this, you need to subclass atg.userprofiling.ProfileFormHandler
, and in that class, override ProfileFormHandler.postLogoutUser(DynamoHttpServletRequest,
DynamoHttpServletResponse)
, making sure to call super.postLogoutUser(request, response)
in the last line of that function.
Then override the Nucleus configuration for ProfileFormHandler
to point at your subclass by creating a file in <ATG2007.3dir>/localconfig/atg/userprofiling/ProfileFormHandler.properties
that contains one line:
$class=com.acme.MyProfileFormHandler
where com.acme.MyProfileFormHandler
is the name of your subclass of ProfileFormHandler
.
The postLogoutUser
method will be called after the logout button is clicked in ATG Self Service. Therefore, whichever code logs a user out of your single sign-on scheme should be invoked by that method.